Show More
@@ -736,6 +736,9 b" coreconfigitem('web', 'port'," | |||
|
736 | 736 | coreconfigitem('web', 'prefix', |
|
737 | 737 | default='', |
|
738 | 738 | ) |
|
739 | coreconfigitem('web', 'push_ssl', | |
|
740 | default=True, | |
|
741 | ) | |
|
739 | 742 | coreconfigitem('web', 'refreshinterval', |
|
740 | 743 | default=20, |
|
741 | 744 | ) |
@@ -69,7 +69,7 b' def checkauthz(hgweb, req, op):' | |||
|
69 | 69 | # require ssl by default for pushing, auth info cannot be sniffed |
|
70 | 70 | # and replayed |
|
71 | 71 | scheme = req.env.get('wsgi.url_scheme') |
|
72 |
if hgweb.configbool('web', 'push_ssl' |
|
|
72 | if hgweb.configbool('web', 'push_ssl') and scheme != 'https': | |
|
73 | 73 | raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required') |
|
74 | 74 | |
|
75 | 75 | deny = hgweb.configlist('web', 'deny_push') |
General Comments 0
You need to be logged in to leave comments.
Login now