Mercurial > hg
diff hgext/patchbomb.py @ 3555:881064004fd0
use untrusted settings in hgweb
The only exceptions are web.static and web.templates, since they can
be used to get any file that is readable by the user running the CGI
script.
Other options can be (ab)used to increase the use of the cpu
(allow_bz2) or of the bandwidth (server.uncompressed), but they're
trusted anyway.
author | Alexis S. L. Carvalho <alexis@cecm.usp.br> |
---|---|
date | Thu, 26 Oct 2006 19:25:45 +0200 |
parents | 0e68608bd11d |
children | abaee83ce0a6 ff49da8bd6ae 2601ac9c54f0 |