diff options
author | Blake Burkhart <bburky@bburky.com> | 2015-09-22 18:06:20 -0400 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2015-09-25 15:32:28 -0700 |
commit | b258116462399b318c86165c61a5c7123043cfd4 (patch) | |
tree | 0fab49f2d65cee265a23f3b95e84c57a0e38430f /t | |
parent | f4113cac0c88b4f36ee6f3abf3218034440a68e3 (diff) | |
download | git-b258116462399b318c86165c61a5c7123043cfd4.tar.gz git-b258116462399b318c86165c61a5c7123043cfd4.tar.xz |
http: limit redirection depth
By default, libcurl will follow circular http redirects
forever. Let's put a cap on this so that somebody who can
trigger an automated fetch of an arbitrary repository (e.g.,
for CI) cannot convince git to loop infinitely.
The value chosen is 20, which is the same default that
Firefox uses.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't')
-rw-r--r-- | t/lib-httpd/apache.conf | 3 | ||||
-rwxr-xr-x | t/t5812-proto-disable-http.sh | 4 |
2 files changed, 7 insertions, 0 deletions
diff --git a/t/lib-httpd/apache.conf b/t/lib-httpd/apache.conf index 68ef8adb8..7d15e6d44 100644 --- a/t/lib-httpd/apache.conf +++ b/t/lib-httpd/apache.conf @@ -121,6 +121,9 @@ RewriteRule ^/smart-redir-auth/(.*)$ /auth/smart/$1 [R=301] RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301] RewriteRule ^/ftp-redir/(.*)$ ftp://localhost:1000/$1 [R=302] +RewriteRule ^/loop-redir/x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-(.*) /$1 [R=302] +RewriteRule ^/loop-redir/(.*)$ /loop-redir/x-$1 [R=302] + <IfDefine SSL> LoadModule ssl_module modules/mod_ssl.so diff --git a/t/t5812-proto-disable-http.sh b/t/t5812-proto-disable-http.sh index 6a4f81662..0d105d541 100755 --- a/t/t5812-proto-disable-http.sh +++ b/t/t5812-proto-disable-http.sh @@ -25,5 +25,9 @@ test_expect_success 'curl redirects respect whitelist' ' } ' +test_expect_success 'curl limits redirects' ' + test_must_fail git clone "$HTTPD_URL/loop-redir/smart/repo.git" +' + stop_httpd test_done |