httppeer: don't accept very old media types (BC)
Versions of Mercurial older than 1.0 emitted the text/plain
and application/hg-changegroup media types in response to wire
protocol commands.
Way back in 8760d0c83b9b in 2005, the code validating these media
types was added, presumably for backwards compatibility. 0b245edec124
a short time before that commit changed things from text/plain and
application/hg-changegroup to application/mercurial-0.1 and
application/hg-0.1. 8760d0c83b9b seemed to indicate ("for now") that
the BC compatibility was temporary. But that code has lived until
this day.
It has been more than 10 years and nobody should be running pre 1.0
servers.
Pretty much the only risk to this is if there's a server somewhere
advertising the old media types or server software is interfering
and not letting Mercurial send the proper Content-Type header. I
think the chances are rare.
The wire protocol docs were created (by me) from reading existing
code. So the deletions don't constitute a spec change as much as
reflecting the reality of how things have been for years.
.. bc::
The HTTP client no longer accepts text/plain and
application/hg-changegroup Content-Type values as a valid Mercurial
command response. These should only be encountered on pre 1.0
Mercurial servers.
Differential Revision: https://phab.mercurial-scm.org/D3239
--- a/mercurial/help/internals/wireprotocol.txt Tue Apr 10 13:07:13 2018 -0700
+++ b/mercurial/help/internals/wireprotocol.txt Tue Apr 10 13:41:21 2018 -0700
@@ -123,12 +123,6 @@
The content of the HTTP response body typically holds text describing the
error.
-The ``application/hg-changegroup`` media type indicates a changegroup response
-type.
-
-Clients also accept the ``text/plain`` media type. All other media
-types should cause the client to error.
-
Behavior of media types is further described in the ``Content Negotiation``
section below.
--- a/mercurial/httppeer.py Tue Apr 10 13:07:13 2018 -0700
+++ b/mercurial/httppeer.py Tue Apr 10 13:41:21 2018 -0700
@@ -322,46 +322,40 @@
safeurl = util.hidepassword(baseurl)
if proto.startswith('application/hg-error'):
raise error.OutOfBandError(resp.read())
- # accept old "text/plain" and "application/hg-changegroup" for now
- if not (proto.startswith('application/mercurial-') or
- (proto.startswith('text/plain')
- and not resp.headers.get('content-length')) or
- proto.startswith('application/hg-changegroup')):
+
+ # Pre 1.0 versions of Mercurial used text/plain and
+ # application/hg-changegroup. We don't support such old servers.
+ if not proto.startswith('application/mercurial-'):
ui.debug("requested URL: '%s'\n" % util.hidepassword(requrl))
raise error.RepoError(
_("'%s' does not appear to be an hg repository:\n"
"---%%<--- (%s)\n%s\n---%%<---\n")
% (safeurl, proto or 'no content-type', resp.read(1024)))
- if proto.startswith('application/mercurial-'):
- try:
- version = proto.split('-', 1)[1]
- version_info = tuple([int(n) for n in version.split('.')])
- except ValueError:
- raise error.RepoError(_("'%s' sent a broken Content-Type "
- "header (%s)") % (safeurl, proto))
-
- # TODO consider switching to a decompression reader that uses
- # generators.
- if version_info == (0, 1):
- if compressible:
- resp = util.compengines['zlib'].decompressorreader(resp)
+ try:
+ version = proto.split('-', 1)[1]
+ version_info = tuple([int(n) for n in version.split('.')])
+ except ValueError:
+ raise error.RepoError(_("'%s' sent a broken Content-Type "
+ "header (%s)") % (safeurl, proto))
- return respurl, resp
+ # TODO consider switching to a decompression reader that uses
+ # generators.
+ if version_info == (0, 1):
+ if compressible:
+ resp = util.compengines['zlib'].decompressorreader(resp)
- elif version_info == (0, 2):
- # application/mercurial-0.2 always identifies the compression
- # engine in the payload header.
- elen = struct.unpack('B', resp.read(1))[0]
- ename = resp.read(elen)
- engine = util.compengines.forwiretype(ename)
- return respurl, engine.decompressorreader(resp)
- else:
- raise error.RepoError(_("'%s' uses newer protocol %s") %
- (safeurl, version))
+ elif version_info == (0, 2):
+ # application/mercurial-0.2 always identifies the compression
+ # engine in the payload header.
+ elen = struct.unpack('B', resp.read(1))[0]
+ ename = resp.read(elen)
+ engine = util.compengines.forwiretype(ename)
- if compressible:
- resp = util.compengines['zlib'].decompressorreader(resp)
+ resp = engine.decompressorreader(resp)
+ else:
+ raise error.RepoError(_("'%s' uses newer protocol %s") %
+ (safeurl, version))
return respurl, resp