##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

hgweb: extract path traversal checking into standalone function...
hgweb: extract path traversal checking into standalone function A common exploit in web applications that access paths is to insert path separator strings like ".." to try to get the server to serve up files it shouldn't. We have code for detecting this in staticfile(). A subsequent commit will need to perform this test as well. Since this is security code, let's factor the check so we don't have to reinvent the wheel.
Dan Villiom Podlaski Christiansen - - Load All Authors

File last commit:

r9999:f91e5630 default
r31790:62f9679d default
Show More
map-cmdline.changelog
17 lines | 842 B | text/plain | TextLexer
/ mercurial / templates / map-cmdline.changelog
History | Annotation | Raw |Copy content |Copy permalink
header = '{date|shortdate} {author|person} <{author|email}>\n\n'
header_verbose = ''
changeset = '\t* {files|stringify|fill68|tabindent}{desc|fill68|tabindent|strip}\n\t[{node|short}]{tags}{branches}\n\n'
changeset_quiet = '\t* {desc|firstline|fill68|tabindent|strip}\n\n'
changeset_verbose = '{date|isodate} {author|person} <{author|email}> ({node|short}{tags}{branches})\n\n\t* {file_adds|stringify|fill68|tabindent}{file_dels|stringify|fill68|tabindent}{files|stringify|fill68|tabindent}{desc|fill68|tabindent|strip}\n\n'
start_tags = ' ['
tag = '{tag}, '
last_tag = '{tag}]'
start_branches = ' <'
branch = '{branch}, '
last_branch = '{branch}>'
file = '{file}, '
last_file = '{file}:\n\t'
file_add = '{file_add}, '
last_file_add = '{file_add}: new file.\n* '
file_del = '{file_del}, '
last_file_del = '{file_del}: deleted file.\n* '