Show More
@@ -736,6 +736,9 b" coreconfigitem('web', 'port'," | |||||
736 | coreconfigitem('web', 'prefix', |
|
736 | coreconfigitem('web', 'prefix', | |
737 | default='', |
|
737 | default='', | |
738 | ) |
|
738 | ) | |
|
739 | coreconfigitem('web', 'push_ssl', | |||
|
740 | default=True, | |||
|
741 | ) | |||
739 | coreconfigitem('web', 'refreshinterval', |
|
742 | coreconfigitem('web', 'refreshinterval', | |
740 | default=20, |
|
743 | default=20, | |
741 | ) |
|
744 | ) |
@@ -69,7 +69,7 b' def checkauthz(hgweb, req, op):' | |||||
69 | # require ssl by default for pushing, auth info cannot be sniffed |
|
69 | # require ssl by default for pushing, auth info cannot be sniffed | |
70 | # and replayed |
|
70 | # and replayed | |
71 | scheme = req.env.get('wsgi.url_scheme') |
|
71 | scheme = req.env.get('wsgi.url_scheme') | |
72 |
if hgweb.configbool('web', 'push_ssl' |
|
72 | if hgweb.configbool('web', 'push_ssl') and scheme != 'https': | |
73 | raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required') |
|
73 | raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required') | |
74 |
|
74 | |||
75 | deny = hgweb.configlist('web', 'deny_push') |
|
75 | deny = hgweb.configlist('web', 'deny_push') |
General Comments 0
You need to be logged in to leave comments.
Login now