##// END OF EJS Templates
subrepo: add tests for hg rogue ssh urls (SEC)...
subrepo: add tests for hg rogue ssh urls (SEC) 'ssh://' has an exploit that will pass the url blindly to the ssh command, allowing a malicious person to have a subrepo with '-oProxyCommand' which could run arbitrary code on a user's machine. In addition, at least on Windows, a pipe '|' is able to execute arbitrary commands. When this happens, let's throw a big abort into the user's face so that they can inspect what's going on.

File last commit:

r26421:4b0fc75f default
r33729:475af2f8 stable
Show More
error.tmpl
17 lines | 484 B | application/x-cheetah | CheetahLexer
{header}
<!-- Error -->
<id>{urlbase}{url|urlescape}</id>
<link rel="self" href="{urlbase}{url|urlescape}atom-log"/>
<link rel="alternate" href="{urlbase}{url|urlescape}"/>
<title>Error</title>
<updated>1970-01-01T00:00:00+00:00</updated>
<entry>
<title>Error</title>
<id>https://mercurial-scm.org/#error</id>
<author>
<name>mercurial</name>
</author>
<updated>1970-01-01T00:00:00+00:00</updated>
<content type="text">{error|escape}</content>
</entry>
</feed>