Mercurial > hg
diff tests/test-help.t @ 39470:17ca967e9fca
hgweb: map Abort to 403 error to report inaccessible path for example
Abort is so common in our codebase. We could instead introduce a dedicated
type for path auditing errors, but we'll probably have to catch error.Abort
anyway.
As you can see, an abort message may include a full path to the repository,
which might be considered information leak. If that matters, we should hide
the message and send it to the server log instead.
author | Yuya Nishihara <yuya@tcha.org> |
---|---|
date | Sun, 26 Aug 2018 22:23:25 +0900 |
parents | 7df9ae38c75c |
children | a2880ac67ee0 |