summaryrefslogtreecommitdiff
path: root/t/t3502-cherry-pick-merge.sh
diff options
context:
space:
mode:
authorLibravatar Matt McCutchen <matt@mattmccutchen.net>2009-02-07 19:00:09 -0500
committerLibravatar Junio C Hamano <gitster@pobox.com>2009-02-08 21:51:25 -0800
commit7e1100e9e939c9178b2aa3969349e9e8d34488bf (patch)
treea0238a2d09de9d5f9617e72559d5d79398836f45 /t/t3502-cherry-pick-merge.sh
parentrev-list: fix showing distance when using --bisect-all (diff)
downloadtgif-7e1100e9e939c9178b2aa3969349e9e8d34488bf.tar.xz
gitweb: add $prevent_xss option to prevent XSS by repository content
Add a gitweb configuration variable $prevent_xss that disables features to prevent content in repositories from launching cross-site scripting (XSS) attacks in the gitweb domain. Currently, this option makes gitweb ignore README.html (a better solution may be worked out in the future) and serve a blob_plain file of an untrusted type with "Content-Disposition: attachment", which tells the browser not to show the file at its original URL. The XSS prevention is currently off by default. Signed-off-by: Matt McCutchen <matt@mattmccutchen.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/t3502-cherry-pick-merge.sh')
0 files changed, 0 insertions, 0 deletions