Mercurial > hg
view tests/test-newercgi.t @ 39470:17ca967e9fca
hgweb: map Abort to 403 error to report inaccessible path for example
Abort is so common in our codebase. We could instead introduce a dedicated
type for path auditing errors, but we'll probably have to catch error.Abort
anyway.
As you can see, an abort message may include a full path to the repository,
which might be considered information leak. If that matters, we should hide
the message and send it to the server log instead.
author | Yuya Nishihara <yuya@tcha.org> |
---|---|
date | Sun, 26 Aug 2018 22:23:25 +0900 |
parents | 8e6f4939a69a |
children | 23b749b84b8a |
line wrap: on
line source
#require no-msys # MSYS will translate web paths as if they were file paths This is a rudimentary test of the CGI files as of d74fc8dec2b4. $ hg init test $ cat >hgweb.cgi <<HGWEB > #!$PYTHON > # > # An example CGI script to use hgweb, edit as necessary > > import cgitb > cgitb.enable() > > from mercurial import demandimport; demandimport.enable() > from mercurial.hgweb import hgweb > from mercurial.hgweb import wsgicgi > > application = hgweb("test", "Empty test repository") > wsgicgi.launch(application) > HGWEB $ chmod 755 hgweb.cgi $ cat >hgweb.config <<HGWEBDIRCONF > [paths] > test = test > HGWEBDIRCONF $ cat >hgwebdir.cgi <<HGWEBDIR > #!$PYTHON > # > # An example CGI script to export multiple hgweb repos, edit as necessary > > import cgitb > cgitb.enable() > > from mercurial import demandimport; demandimport.enable() > from mercurial.hgweb import hgwebdir > from mercurial.hgweb import wsgicgi > > application = hgwebdir("hgweb.config") > wsgicgi.launch(application) > HGWEBDIR $ chmod 755 hgwebdir.cgi $ . "$TESTDIR/cgienv" $ $PYTHON hgweb.cgi > page1 $ $PYTHON hgwebdir.cgi > page2 $ PATH_INFO="/test/" $ PATH_TRANSLATED="/var/something/test.cgi" $ REQUEST_URI="/test/test/" $ SCRIPT_URI="http://hg.omnifarious.org/test/test/" $ SCRIPT_URL="/test/test/" $ $PYTHON hgwebdir.cgi > page3 $ grep -i error page1 page2 page3 [1]