upstream/mercurial-mirror Files · contrib/vim/hgtest.vim

hgweb: fix trust of templates path (BC)...

hgweb: fix trust of templates path (BC) Long ago we disabled trust of the templates path with a comment describing the (insecure) behavior before the change. At some later refactor, the code was apparently changed back to match the comment, unaware that the intent of the comment was to describe the behavior to avoid. This change disables the trust and updates the comment to explicitly say not only what the old problem was, but also that it was in fact a problem and the action taken to prevent it. Impact: prior to this change, if you had a UNIX-based hgweb server where users can write hgrc files, those users could potentially read any file readable by the web server. This is marked as a backwards compatibility issue because people may have configured templates without proper trust settings. Issue spotted by Greg Szorc.

Mads Kiilerich - - Load All Authors

File last commit:

r18052:6db16422 default


                r26120:1a45e49a

3.5.1 stable

Download file

             hgtest.vim
        
                    42 lines
            
             | 1.4 KiB
            
                | text/x-vim
            
             |
                VimLexer
            
             / contrib / vim / hgtest.vim
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      " Vim syntax file

      " Language: Mercurial unified tests

      " Author: Steve Losh (steve@stevelosh.com)

      "

      " Place this file in ~/.vim/syntax/ and add the following line to your

      " ~/.vimrc to enable:

      " au BufNewFile,BufRead *.t set filetype=hgtest

      "

      " If you want folding you'll need the following line as well:

      " let hgtest_fold=1

      "

      " You might also want to set the starting foldlevel for hgtest files:

      " autocmd Syntax hgtest setlocal foldlevel=1

      if exists("b:current_syntax")

        finish

      endif

      syn include @Shell syntax/sh.vim

      syn match hgtestComment /^[^ ].*$/

      syn region hgtestOutput start=/^  [^$>]/ start=/^  $/ end=/\v.(\n\n*[^ ])\@=/me=s end=/^  [$>]/me=e-3 end=/^$/ fold containedin=hgtestBlock

      syn match hgtestCommandStart /^  \$ / containedin=hgtestCommand

      syn region hgtestCommand start=/^  \$ /hs=s+4,rs=s+4 end=/^  [^>]/me=e-3 end=/^  $/me=e-2 containedin=hgtestBlock contains=@Shell keepend

      syn region hgtestBlock start=/^  /ms=e-2 end=/\v.(\n\n*[^ ])\@=/me=s end=/^$/me=e-1 fold keepend

      hi link hgtestCommandStart Keyword

      hi link hgtestComment Normal

      hi link hgtestOutput Comment

      if exists("hgtest_fold")

        setlocal foldmethod=syntax

      endif

      syn sync match hgtestSync grouphere NONE "^$"

      syn sync maxlines=200

      " It's okay to set tab settings here, because an indent of two spaces is specified

      " by the file format.

      setlocal tabstop=2 softtabstop=2 shiftwidth=2 expandtab

      let b:current_syntax = "hgtest"

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				" Vim syntax file
				" Language: Mercurial unified tests
				" Author: Steve Losh (steve@stevelosh.com)
				"
				" Place this file in ~/.vim/syntax/ and add the following line to your
				" ~/.vimrc to enable:
				" au BufNewFile,BufRead *.t set filetype=hgtest
				"
				" If you want folding you'll need the following line as well:
				" let hgtest_fold=1
				"
				" You might also want to set the starting foldlevel for hgtest files:
				" autocmd Syntax hgtest setlocal foldlevel=1

				if exists("b:current_syntax")
				finish
				endif

				syn include @Shell syntax/sh.vim

				syn match hgtestComment /^[^ ].*$/
				syn region hgtestOutput start=/^ [^$>]/ start=/^ $/ end=/\v.(\n\n*[^ ])\@=/me=s end=/^ [$>]/me=e-3 end=/^$/ fold containedin=hgtestBlock
				syn match hgtestCommandStart /^ \$ / containedin=hgtestCommand
				syn region hgtestCommand start=/^ \$ /hs=s+4,rs=s+4 end=/^ [^>]/me=e-3 end=/^ $/me=e-2 containedin=hgtestBlock contains=@Shell keepend
				syn region hgtestBlock start=/^ /ms=e-2 end=/\v.(\n\n*[^ ])\@=/me=s end=/^$/me=e-1 fold keepend

				hi link hgtestCommandStart Keyword
				hi link hgtestComment Normal
				hi link hgtestOutput Comment

				if exists("hgtest_fold")
				setlocal foldmethod=syntax
				endif

				syn sync match hgtestSync grouphere NONE "^$"
				syn sync maxlines=200

				" It's okay to set tab settings here, because an indent of two spaces is specified
				" by the file format.
				setlocal tabstop=2 softtabstop=2 shiftwidth=2 expandtab

				let b:current_syntax = "hgtest"