summaryrefslogtreecommitdiff
path: root/gitweb/gitweb.perl
diff options
context:
space:
mode:
authorLibravatar Bernhard R. Link <brl+git@mail.brlink.eu>2012-01-30 21:06:38 +0100
committerLibravatar Junio C Hamano <gitster@pobox.com>2012-02-01 12:52:49 -0800
commit348a6589e016669a3cf2d71c612e32dde9ef6f27 (patch)
tree8a83cc20d87e2941a727123c3db51ee93f7a25bf /gitweb/gitweb.perl
parentgitweb: move hard coded .git suffix out of git_get_projects_list (diff)
downloadtgif-348a6589e016669a3cf2d71c612e32dde9ef6f27.tar.xz
gitweb: prepare git_get_projects_list for use outside 'forks'.
Use of the filter option of git_get_projects_list is currently limited to forks. It currently assumes the project belonging to the filter directory was already validated to be visible in the project list. To make it more generic add an optional argument to denote visibility verification is still needed. If there is a projects list file (GITWEB_LIST) only projects from this list are returned anyway, so no more checks needed. If there is no projects list file and the caller requests strict checking (GITWEB_STRICT_EXPORT), do not jump directly to the given directory but instead do a normal search and filter the results instead. The only effect of GITWEB_STRICT_EXPORT without GITWEB_LIST is to make sure no project can be viewed without also be found starting from project root. git_get_projects_list without this patch does not enforce this but all callers only call it with a filter already checked this way. With this parameter a caller can request this check if the filter cannot be checked this way. Signed-off-by: Bernhard R. Link <brlink@debian.org> Acked-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'gitweb/gitweb.perl')
-rwxr-xr-xgitweb/gitweb.perl7
1 files changed, 6 insertions, 1 deletions
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index e074cd7c63..48a2a375be 100755
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -2827,6 +2827,7 @@ sub git_get_project_url_list {
sub git_get_projects_list {
my $filter = shift || '';
+ my $paranoid = shift;
my @list;
if (-d $projects_list) {
@@ -2837,7 +2838,7 @@ sub git_get_projects_list {
my $pfxlen = length("$dir");
my $pfxdepth = ($dir =~ tr!/!!);
# when filtering, search only given subdirectory
- if ($filter) {
+ if ($filter && !$paranoid) {
$dir .= "/$filter";
$dir =~ s!/+$!!;
}
@@ -2862,6 +2863,10 @@ sub git_get_projects_list {
}
my $path = substr($File::Find::name, $pfxlen + 1);
+ # paranoidly only filter here
+ if ($paranoid && $filter && $path !~ m!^\Q$filter\E/!) {
+ next;
+ }
# we check related file in $projectroot
if (check_export_ok("$projectroot/$path")) {
push @list, { path => $path };