author | Shawn Pearce <spearce@spearce.org> | 2013-01-31 13:02:07 -0800 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2013-02-04 10:22:36 -0800 |
commit | 4656bf47fca857df51b5d6f4b7b052192b3b2317 (patch) | |
tree | 91e4d6cf951f2964de99d454ec89e426753ac453 /t/lib-httpd.sh | |
parent | Merge branch 'tb/t0050-maint' into maint (diff) | |

Verify Content-Type from smart HTTP servers

Before parsing a suspected smart-HTTP response verify the returned
Content-Type matches the standard. This protects a client from
attempting to process a payload that smells like a smart-HTTP
server response.

JGit has been doing this check on all responses since the dawn of
time. I mistakenly failed to include it in git-core when smart HTTP
was introduced. At the time I didn't know how to get the Content-Type
from libcurl. I punted, meant to circle back and fix this, and just
plain forgot about it.

Signed-off-by: Shawn Pearce <spearce@spearce.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

Diffstat (limited to 't/lib-httpd.sh')
-rw-r--r-- | t/lib-httpd.sh | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/t/lib-httpd.sh b/t/lib-httpd.sh index 02f442bfad..895b9258b0 100644 --- a/t/lib-httpd.sh +++ b/t/lib-httpd.sh @@ -80,6 +80,7 @@ fi prepare_httpd() { mkdir -p "$HTTPD_DOCUMENT_ROOT_PATH" cp "$TEST_PATH"/passwd "$HTTPD_ROOT_PATH" + cp "$TEST_PATH"/broken-smart-http.sh "$HTTPD_ROOT_PATH" ln -s "$LIB_HTTPD_MODULE_PATH" "$HTTPD_ROOT_PATH/modules" |
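
Review bot: the added cp of broken-smart-http.sh in prepare_httpd() has no failure check, so if the script is missing from "$TEST_PATH" the setup carries on and whatever test relies on it fails later with a less direct error. That matches the existing passwd copy just above it, so it is consistent with the surrounding code, but ending the line with an explicit error exit would make a missing fixture fail at the point of setup. Note also that cp keeps the source file's mode, so if httpd is meant to execute the script it has to be committed with the executable bit set; this view is limited to t/lib-httpd.sh and shows neither the script nor its mode, nor the test that exercises the new Content-Type check, so both are worth confirming in the full patch.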