Show More
@@ -152,11 +152,14 b' HTTP Version 2 Transport' | |||||
152 | Version 2 of the HTTP protocol is exposed under the ``/api/*`` URL space. |
|
152 | Version 2 of the HTTP protocol is exposed under the ``/api/*`` URL space. | |
153 | It's final API name is not yet formalized. |
|
153 | It's final API name is not yet formalized. | |
154 |
|
154 | |||
155 | Commands are triggered by sending HTTP requests against URLs of the |
|
155 | Commands are triggered by sending HTTP POST requests against URLs of the | |
156 | form ``<permission>/<command>``, where ``<permission>`` is ``ro`` or |
|
156 | form ``<permission>/<command>``, where ``<permission>`` is ``ro`` or | |
157 | ``rw``, meaning read-only and read-write, respectively and ``<command>`` |
|
157 | ``rw``, meaning read-only and read-write, respectively and ``<command>`` | |
158 | is a named wire protocol command. |
|
158 | is a named wire protocol command. | |
159 |
|
159 | |||
|
160 | Non-POST request methods MUST be rejected by the server with an HTTP | |||
|
161 | 405 response. | |||
|
162 | ||||
160 | Commands that modify repository state in meaningful ways MUST NOT be |
|
163 | Commands that modify repository state in meaningful ways MUST NOT be | |
161 | exposed under the ``ro`` URL prefix. All available commands MUST be |
|
164 | exposed under the ``ro`` URL prefix. All available commands MUST be | |
162 | available under the ``rw`` URL prefix. |
|
165 | available under the ``rw`` URL prefix. |
@@ -299,6 +299,12 b' def _handlehttpv2request(rctx, req, res,' | |||||
299 | res.setbodybytes(_('unknown permission: %s') % permission) |
|
299 | res.setbodybytes(_('unknown permission: %s') % permission) | |
300 | return |
|
300 | return | |
301 |
|
301 | |||
|
302 | if req.method != 'POST': | |||
|
303 | res.status = b'405 Method Not Allowed' | |||
|
304 | res.headers[b'Allow'] = b'POST' | |||
|
305 | res.setbodybytes(_('commands require POST requests')) | |||
|
306 | return | |||
|
307 | ||||
302 | # At some point we'll want to use our own API instead of recycling the |
|
308 | # At some point we'll want to use our own API instead of recycling the | |
303 | # behavior of version 1 of the wire protocol... |
|
309 | # behavior of version 1 of the wire protocol... | |
304 | # TODO return reasonable responses - not responses that overload the |
|
310 | # TODO return reasonable responses - not responses that overload the |
@@ -63,11 +63,11 b' Restart server with support for HTTP v2 ' | |||||
63 | Request to read-only command works out of the box |
|
63 | Request to read-only command works out of the box | |
64 |
|
64 | |||
65 | $ send << EOF |
|
65 | $ send << EOF | |
66 |
> httprequest |
|
66 | > httprequest POST api/$HTTPV2/ro/customreadonly | |
67 | > user-agent: test |
|
67 | > user-agent: test | |
68 | > EOF |
|
68 | > EOF | |
69 | using raw connection to peer |
|
69 | using raw connection to peer | |
70 |
s> |
|
70 | s> POST /api/exp-http-v2-0001/ro/customreadonly HTTP/1.1\r\n | |
71 | s> Accept-Encoding: identity\r\n |
|
71 | s> Accept-Encoding: identity\r\n | |
72 | s> user-agent: test\r\n |
|
72 | s> user-agent: test\r\n | |
73 | s> host: $LOCALIP:$HGPORT\r\n (glob) |
|
73 | s> host: $LOCALIP:$HGPORT\r\n (glob) | |
@@ -84,11 +84,11 b' Request to read-only command works out o' | |||||
84 | Request to unknown command yields 404 |
|
84 | Request to unknown command yields 404 | |
85 |
|
85 | |||
86 | $ send << EOF |
|
86 | $ send << EOF | |
87 |
> httprequest |
|
87 | > httprequest POST api/$HTTPV2/ro/badcommand | |
88 | > user-agent: test |
|
88 | > user-agent: test | |
89 | > EOF |
|
89 | > EOF | |
90 | using raw connection to peer |
|
90 | using raw connection to peer | |
91 |
s> |
|
91 | s> POST /api/exp-http-v2-0001/ro/badcommand HTTP/1.1\r\n | |
92 | s> Accept-Encoding: identity\r\n |
|
92 | s> Accept-Encoding: identity\r\n | |
93 | s> user-agent: test\r\n |
|
93 | s> user-agent: test\r\n | |
94 | s> host: $LOCALIP:$HGPORT\r\n (glob) |
|
94 | s> host: $LOCALIP:$HGPORT\r\n (glob) | |
@@ -102,9 +102,30 b' Request to unknown command yields 404' | |||||
102 | s> \r\n |
|
102 | s> \r\n | |
103 | s> unknown wire protocol command: badcommand\n |
|
103 | s> unknown wire protocol command: badcommand\n | |
104 |
|
104 | |||
|
105 | GET to read-only command yields a 405 | |||
|
106 | ||||
|
107 | $ send << EOF | |||
|
108 | > httprequest GET api/$HTTPV2/ro/customreadonly | |||
|
109 | > user-agent: test | |||
|
110 | > EOF | |||
|
111 | using raw connection to peer | |||
|
112 | s> GET /api/exp-http-v2-0001/ro/customreadonly HTTP/1.1\r\n | |||
|
113 | s> Accept-Encoding: identity\r\n | |||
|
114 | s> user-agent: test\r\n | |||
|
115 | s> host: $LOCALIP:$HGPORT\r\n (glob) | |||
|
116 | s> \r\n | |||
|
117 | s> makefile('rb', None) | |||
|
118 | s> HTTP/1.1 405 Method Not Allowed\r\n | |||
|
119 | s> Server: testing stub value\r\n | |||
|
120 | s> Date: $HTTP_DATE$\r\n | |||
|
121 | s> Allow: POST\r\n | |||
|
122 | s> Content-Length: 30\r\n | |||
|
123 | s> \r\n | |||
|
124 | s> commands require POST requests | |||
|
125 | ||||
105 | Request to read-write command fails because server is read-only by default |
|
126 | Request to read-write command fails because server is read-only by default | |
106 |
|
127 | |||
107 |
GET to read-write request |
|
128 | GET to read-write request yields 405 | |
108 |
|
129 | |||
109 | $ send << EOF |
|
130 | $ send << EOF | |
110 | > httprequest GET api/$HTTPV2/rw/customreadonly |
|
131 | > httprequest GET api/$HTTPV2/rw/customreadonly | |
@@ -117,12 +138,13 b' GET to read-write request not allowed' | |||||
117 | s> host: $LOCALIP:$HGPORT\r\n (glob) |
|
138 | s> host: $LOCALIP:$HGPORT\r\n (glob) | |
118 | s> \r\n |
|
139 | s> \r\n | |
119 | s> makefile('rb', None) |
|
140 | s> makefile('rb', None) | |
120 |
s> HTTP/1.1 405 |
|
141 | s> HTTP/1.1 405 Method Not Allowed\r\n | |
121 | s> Server: testing stub value\r\n |
|
142 | s> Server: testing stub value\r\n | |
122 | s> Date: $HTTP_DATE$\r\n |
|
143 | s> Date: $HTTP_DATE$\r\n | |
123 | s> Content-Length: 17\r\n |
|
144 | s> Allow: POST\r\n | |
|
145 | s> Content-Length: 30\r\n | |||
124 | s> \r\n |
|
146 | s> \r\n | |
125 | s> permission denied |
|
147 | s> commands require POST requests | |
126 |
|
148 | |||
127 | Even for unknown commands |
|
149 | Even for unknown commands | |
128 |
|
150 | |||
@@ -137,12 +159,13 b' Even for unknown commands' | |||||
137 | s> host: $LOCALIP:$HGPORT\r\n (glob) |
|
159 | s> host: $LOCALIP:$HGPORT\r\n (glob) | |
138 | s> \r\n |
|
160 | s> \r\n | |
139 | s> makefile('rb', None) |
|
161 | s> makefile('rb', None) | |
140 |
s> HTTP/1.1 405 |
|
162 | s> HTTP/1.1 405 Method Not Allowed\r\n | |
141 | s> Server: testing stub value\r\n |
|
163 | s> Server: testing stub value\r\n | |
142 | s> Date: $HTTP_DATE$\r\n |
|
164 | s> Date: $HTTP_DATE$\r\n | |
143 | s> Content-Length: 17\r\n |
|
165 | s> Allow: POST\r\n | |
|
166 | s> Content-Length: 30\r\n | |||
144 | s> \r\n |
|
167 | s> \r\n | |
145 | s> permission denied |
|
168 | s> commands require POST requests | |
146 |
|
169 | |||
147 | SSL required by default |
|
170 | SSL required by default | |
148 |
|
171 | |||
@@ -173,38 +196,6 b' Restart server to allow non-ssl read-wri' | |||||
173 | > web.api.http-v2 = true |
|
196 | > web.api.http-v2 = true | |
174 | > [web] |
|
197 | > [web] | |
175 | > push_ssl = false |
|
198 | > push_ssl = false | |
176 | > EOF |
|
|||
177 |
|
||||
178 | $ hg -R server serve -p $HGPORT -d --pid-file hg.pid |
|
|||
179 | $ cat hg.pid > $DAEMON_PIDS |
|
|||
180 |
|
||||
181 | Server insists on POST for read-write commands |
|
|||
182 |
|
||||
183 | $ send << EOF |
|
|||
184 | > httprequest GET api/$HTTPV2/rw/customreadonly |
|
|||
185 | > user-agent: test |
|
|||
186 | > EOF |
|
|||
187 | using raw connection to peer |
|
|||
188 | s> GET /api/exp-http-v2-0001/rw/customreadonly HTTP/1.1\r\n |
|
|||
189 | s> Accept-Encoding: identity\r\n |
|
|||
190 | s> user-agent: test\r\n |
|
|||
191 | s> host: $LOCALIP:$HGPORT\r\n (glob) |
|
|||
192 | s> \r\n |
|
|||
193 | s> makefile('rb', None) |
|
|||
194 | s> HTTP/1.1 405 push requires POST request\r\n |
|
|||
195 | s> Server: testing stub value\r\n |
|
|||
196 | s> Date: $HTTP_DATE$\r\n |
|
|||
197 | s> Content-Length: 17\r\n |
|
|||
198 | s> \r\n |
|
|||
199 | s> permission denied |
|
|||
200 |
|
||||
201 | $ killdaemons.py |
|
|||
202 | $ cat > server/.hg/hgrc << EOF |
|
|||
203 | > [experimental] |
|
|||
204 | > web.apiserver = true |
|
|||
205 | > web.api.http-v2 = true |
|
|||
206 | > [web] |
|
|||
207 | > push_ssl = false |
|
|||
208 | > allow-push = * |
|
199 | > allow-push = * | |
209 | > EOF |
|
200 | > EOF | |
210 |
|
201 |
General Comments 0
You need to be logged in to leave comments.
Login now