diff options
author | Matthias Lederhofer <matled@gmx.net> | 2006-09-17 15:29:48 +0200 |
---|---|---|
committer | Junio C Hamano <junkio@cox.net> | 2006-09-17 14:47:46 -0700 |
commit | 645927cec82253a3592ca738c4a405427a71eb31 (patch) | |
tree | 081f3bf2f0be15427dc64b70c0050d745cd90ba6 | |
parent | 9c95fbf94f9a801d04dbe38898909def7a99793f (diff) | |
download | git-645927cec82253a3592ca738c4a405427a71eb31.tar.gz git-645927cec82253a3592ca738c4a405427a71eb31.tar.xz |
gitweb: fix warnings in PATH_INFO code and add export_ok/strict_export
Signed-off-by: Junio C Hamano <junkio@cox.net>
-rwxr-xr-x | gitweb/gitweb.perl | 34 |
1 files changed, 21 insertions, 13 deletions
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 497129aef..0fb86385c 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -189,9 +189,6 @@ do $GITWEB_CONFIG if -e $GITWEB_CONFIG; # version of the core git binary our $git_version = qx($GIT --version) =~ m/git version (.*)$/ ? $1 : "unknown"; -# path to the current git repository -our $git_dir; - $projects_list ||= $projectroot; # ====================================================================== @@ -273,30 +270,41 @@ if (defined $searchtext) { } # now read PATH_INFO and use it as alternative to parameters -our $path_info = $ENV{"PATH_INFO"}; -$path_info =~ s|^/||; -$path_info =~ s|/$||; -if (validate_input($path_info) && !defined $project) { +sub evaluate_path_info { + return if defined $project; + my $path_info = $ENV{"PATH_INFO"}; + return if !$path_info; + $path_info =~ s,(^/|/$),,gs; + $path_info = validate_input($path_info); + return if !$path_info; $project = $path_info; while ($project && !-e "$projectroot/$project/HEAD") { $project =~ s,/*[^/]*$,,; } - if (defined $project) { - $project = undef unless $project; + if (!$project || + ($export_ok && !-e "$projectroot/$project/$export_ok") || + ($strict_export && !project_in_list($project))) { + undef $project; + return; } + # do not change any parameters if an action is given using the query string + return if $action; if ($path_info =~ m,^$project/([^/]+)/(.+)$,) { # we got "project.git/branch/filename" $action ||= "blob_plain"; - $hash_base ||= $1; - $file_name ||= $2; + $hash_base ||= validate_input($1); + $file_name ||= validate_input($2); } elsif ($path_info =~ m,^$project/([^/]+)$,) { # we got "project.git/branch" $action ||= "shortlog"; - $hash ||= $1; + $hash ||= validate_input($1); } } +evaluate_path_info(); -$git_dir = "$projectroot/$project"; +# path to the current git repository +our $git_dir; +$git_dir = "$projectroot/$project" if $project; # dispatch my %actions = ( |