Fossil

Check-in [75a9c981ab]
Login
Home Timeline Docs Branches Tickets Wiki DownloadMore...

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:"http-allow-regexp" setting and "http -async" (continuing experiments)
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | tkt-change-hook
Files: files | file ages | folders
SHA1: 75a9c981ab5694600795facabb0735a2f1a358da
User & Date: jan.nijtmans 2013-07-09 11:06:05.502
Context
2013-07-09
11:48
First bug found by testing: URL parameters were not being sent. Maybe url_parse() should be exteded doing that. check-in: 6950cd3666 user: jan.nijtmans tags: tkt-change-hook
11:06
"http-allow-regexp" setting and "http -async" (continuing experiments) check-in: 75a9c981ab user: jan.nijtmans tags: tkt-change-hook
2013-07-08
20:07
limit hook http requests to localhost, unless setting "http-outside" is set. check-in: 2b233e0af2 user: jan.nijtmans tags: tkt-change-hook
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/db.c. 
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124

  { "diff-command",  0,               40, 0, ""                    },
  { "dont-push",     0,                0, 0, "off"                 },
  { "editor",        0,               32, 0, ""                    },
  { "empty-dirs",    0,               40, 1, ""                    },
  { "encoding-glob",  0,              40, 1, ""                    },
  { "gdiff-command", 0,               40, 0, "gdiff"               },
  { "gmerge-command",0,               40, 0, ""                    },
  { "http-outside",  0,                0, 0, "off"                 },
  { "http-port",     0,               16, 0, "8080"                },
  { "https-login",   0,                0, 0, "off"                 },
  { "ignore-glob",   0,               40, 1, ""                    },
  { "keep-glob",     0,               40, 1, ""                    },
  { "localauth",     0,                0, 0, "off"                 },
  { "main-branch",   0,               40, 0, "trunk"               },
  { "manifest",      0,                0, 1, "off"                 },








|








2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124

  { "diff-command",  0,               40, 0, ""                    },
  { "dont-push",     0,                0, 0, "off"                 },
  { "editor",        0,               32, 0, ""                    },
  { "empty-dirs",    0,               40, 1, ""                    },
  { "encoding-glob",  0,              40, 1, ""                    },
  { "gdiff-command", 0,               40, 0, "gdiff"               },
  { "gmerge-command",0,               40, 0, ""                    },
  { "http-allow-regexp",0,            40, 0, ""                    },
  { "http-port",     0,               16, 0, "8080"                },
  { "https-login",   0,                0, 0, "off"                 },
  { "ignore-glob",   0,               40, 1, ""                    },
  { "keep-glob",     0,               40, 1, ""                    },
  { "localauth",     0,                0, 0, "off"                 },
  { "main-branch",   0,               40, 0, "trunk"               },
  { "manifest",      0,                0, 1, "off"                 },

2241
2242
2243
2244
2245
2246
2247

2248
2249
2250
2251
2252
2253
2254
2255
2256

**
**    gmerge-command   A graphical merge conflict resolver command operating
**                     on four files.
**                     Ex: kdiff3 "%baseline" "%original" "%merge" -o "%output"
**                     Ex: xxdiff "%original" "%baseline" "%merge" -M "%output"
**                     Ex: meld "%baseline" "%original" "%merge" "%output"
**

**    http-outside     Allow http requests for commit and ticket hooks to reach
**                     outside the local machine. Default: off.
**
**    http-port        The TCP/IP port number to use by the "server"
**                     and "ui" commands.  Default: 8080
**
**    https-login      Send login credentials using HTTPS instead of HTTP
**                     even if the login page request came via HTTP.
**








>
|
|








2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257

**
**    gmerge-command   A graphical merge conflict resolver command operating
**                     on four files.
**                     Ex: kdiff3 "%baseline" "%original" "%merge" -o "%output"
**                     Ex: xxdiff "%original" "%baseline" "%merge" -M "%output"
**                     Ex: meld "%baseline" "%original" "%merge" "%output"
**
**    http-allow-regexp Specify which URL's are allowed in http requests for
**                     commit and ticket hooks. If empty, no http requests
**                     are allowed whatsoever. Default: "".
**
**    http-port        The TCP/IP port number to use by the "server"
**                     and "ui" commands.  Default: 8080
**
**    https-login      Send login credentials using HTTPS instead of HTTP
**                     even if the login page request came via HTTP.
**
Changes to src/th_main.c. 
238
239
240
241
242
243
244
245
246

247






248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263


264
265
266
267
268





269
270
271
272
273
274
275

  Th_Interp *interp,
  void *p,
  int argc,
  const char **argv,
  int *argl
){
  int i;
  const char *zSep, *type;
  Blob hdr, payload;








  blob_zero(&payload);
  if( argc!=2 ){
    if( argc != 3 ){
      return Th_WrongNumArgs(interp, "http url ?payload?");
    }
    blob_append(&payload, argv[2], -1);
    type = "POST";
  }else{
    type = "GET";
  }
  url_parse(argv[1], 0);
  if( g.urlIsSsh || g.urlIsFile ){
    Th_ErrorMessage(interp, "url must be http:// or https://", 0, 0);
    return TH_ERROR;
  }
  if( db_get_boolean("http-outside", 0)==0 ){


    if( strcmp(g.urlName, "localhost") && strcmp(g.urlName, "127.0.0.1") ){
      Th_ErrorMessage(interp, "hostname must be \"localhost\" or \"127.0.0.1\"", 0, 0);
      return TH_ERROR;
    }
  }





  if( transport_open() ){
    Th_ErrorMessage(interp, transport_errmsg(), 0, 0);
    return TH_ERROR;
  }
  blob_zero(&hdr);
  i = strlen(g.urlPath);
  if( i>0 && g.urlPath[i-1]=='/' ){








|

>

>
>
>
>
>
>



|











|
>
>
|
|



>
>
>
>
>








238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289

  Th_Interp *interp,
  void *p,
  int argc,
  const char **argv,
  int *argl
){
  int i;
  const char *zSep, *type, *regexp;
  Blob hdr, payload;
  ReCompiled *pRe = 0;

  if( (argc>1) && strcmp(argv[1],"-async") ){
    Th_ErrorMessage(interp, "synchronous http requests not yet implemented", 0, 0);
    return TH_ERROR;
  }
  ++argv;
  --argc;
  blob_zero(&payload);
  if( argc!=2 ){
    if( argc != 3 ){
      return Th_WrongNumArgs(interp, "http -async url ?payload?");
    }
    blob_append(&payload, argv[2], -1);
    type = "POST";
  }else{
    type = "GET";
  }
  url_parse(argv[1], 0);
  if( g.urlIsSsh || g.urlIsFile ){
    Th_ErrorMessage(interp, "url must be http:// or https://", 0, 0);
    return TH_ERROR;
  }
  regexp = db_get("http-allow-regexp", 0);
  if( regexp && regexp[0] ){
    const char * zErr = re_compile(&pRe, regexp, 0);
    if( zErr ){
      Th_SetResult(interp, zErr, -1);
      return TH_ERROR;
    }
  }
  if (!pRe || !re_match(pRe, (const unsigned char *)argv[1], -1) ){
    Th_SetResult(interp, "url not allowed", -1);
    return TH_ERROR;
  }
  re_free(pRe);
  if( transport_open() ){
    Th_ErrorMessage(interp, transport_errmsg(), 0, 0);
    return TH_ERROR;
  }
  blob_zero(&hdr);
  i = strlen(g.urlPath);
  if( i>0 && g.urlPath[i-1]=='/' ){
This page was generated in about 0.036s by Fossil 2.26 [1205ec86cb] 2025-04-30 16:57:32