upstream/mercurial-mirror Files · tests/test-hgweb-raw.t

sslutil: prevent CRIME...

sslutil: prevent CRIME ssl.create_default_context() disables compression on the TLS channel in order to prevent CRIME. I think we should follow CPython's lead and attempt to disable channel compression in order to help prevent information leakage. Sadly, I don't think there is anything we can do on Python versions that don't have an SSLContext, as there is no way to set channel options with the limited ssl API.

Matt Mackall - - Load All Authors

File last commit:

r25472:4d2b9b30 default


                r29558:a935cd7d

default

Download file

             test-hgweb-raw.t
        
                    58 lines
            
             | 1.9 KiB
            
                | text/troff
            
             |
                Tads3Lexer
            
             / tests / test-hgweb-raw.t
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      #require serve

      Test raw style of hgweb

        $ hg init test

        $ cd test

        $ mkdir sub

        $ cat >'sub/some text%.txt' <<ENDSOME

        > This is just some random text

        > that will go inside the file and take a few lines.

        > It is very boring to read, but computers don't

        > care about things like that.

        > ENDSOME

        $ hg add 'sub/some text%.txt'

        $ hg commit -d "1 0" -m "Just some text"

        $ hg serve -p $HGPORT -A access.log -E error.log -d --pid-file=hg.pid

        $ cat hg.pid >> $DAEMON_PIDS

        $ (get-with-headers.py localhost:$HGPORT '?f=bf0ff59095c9;file=sub/some%20text%25.txt;style=raw' content-type content-length content-disposition) >getoutput.txt

        $ killdaemons.py hg.pid

        $ cat getoutput.txt

        200 Script output follows

        content-type: application/binary

        content-length: 157

        content-disposition: inline; filename="some text%.txt"

        This is just some random text

        that will go inside the file and take a few lines.

        It is very boring to read, but computers don't

        care about things like that.

        $ cat access.log error.log

        127.0.0.1 - - [*] "GET /?f=bf0ff59095c9;file=sub/some%20text%25.txt;style=raw HTTP/1.1" 200 - (glob)

        $ rm access.log error.log

        $ hg serve -p $HGPORT -A access.log -E error.log -d --pid-file=hg.pid \

        > --config web.guessmime=True

        $ cat hg.pid >> $DAEMON_PIDS

        $ (get-with-headers.py localhost:$HGPORT '?f=bf0ff59095c9;file=sub/some%20text%25.txt;style=raw' content-type content-length content-disposition) >getoutput.txt

        $ killdaemons.py hg.pid

        $ cat getoutput.txt

        200 Script output follows

        content-type: text/plain; charset="ascii"

        content-length: 157

        content-disposition: inline; filename="some text%.txt"

        This is just some random text

        that will go inside the file and take a few lines.

        It is very boring to read, but computers don't

        care about things like that.

        $ cat access.log error.log

        127.0.0.1 - - [*] "GET /?f=bf0ff59095c9;file=sub/some%20text%25.txt;style=raw HTTP/1.1" 200 - (glob)

        $ cd ..

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				#require serve

				Test raw style of hgweb

				$ hg init test
				$ cd test
				$ mkdir sub
				$ cat >'sub/some text%.txt' <<ENDSOME
				> This is just some random text
				> that will go inside the file and take a few lines.
				> It is very boring to read, but computers don't
				> care about things like that.
				> ENDSOME
				$ hg add 'sub/some text%.txt'
				$ hg commit -d "1 0" -m "Just some text"

				$ hg serve -p $HGPORT -A access.log -E error.log -d --pid-file=hg.pid

				$ cat hg.pid >> $DAEMON_PIDS
				$ (get-with-headers.py localhost:$HGPORT '?f=bf0ff59095c9;file=sub/some%20text%25.txt;style=raw' content-type content-length content-disposition) >getoutput.txt

				$ killdaemons.py hg.pid

				$ cat getoutput.txt
				200 Script output follows
				content-type: application/binary
				content-length: 157
				content-disposition: inline; filename="some text%.txt"

				This is just some random text
				that will go inside the file and take a few lines.
				It is very boring to read, but computers don't
				care about things like that.
				$ cat access.log error.log
				127.0.0.1 - - [*] "GET /?f=bf0ff59095c9;file=sub/some%20text%25.txt;style=raw HTTP/1.1" 200 - (glob)

				$ rm access.log error.log
				$ hg serve -p $HGPORT -A access.log -E error.log -d --pid-file=hg.pid \
				> --config web.guessmime=True

				$ cat hg.pid >> $DAEMON_PIDS
				$ (get-with-headers.py localhost:$HGPORT '?f=bf0ff59095c9;file=sub/some%20text%25.txt;style=raw' content-type content-length content-disposition) >getoutput.txt
				$ killdaemons.py hg.pid

				$ cat getoutput.txt
				200 Script output follows
				content-type: text/plain; charset="ascii"
				content-length: 157
				content-disposition: inline; filename="some text%.txt"

				This is just some random text
				that will go inside the file and take a few lines.
				It is very boring to read, but computers don't
				care about things like that.
				$ cat access.log error.log
				127.0.0.1 - - [*] "GET /?f=bf0ff59095c9;file=sub/some%20text%25.txt;style=raw HTTP/1.1" 200 - (glob)

				$ cd ..