hgweb: fix trust of templates path (BC)
Long ago we disabled trust of the templates path, with a comment
describing the (insecure) behavior before the change. In some later
refactor, the code was apparently changed back to match the comment,
by someone unaware that the comment was describing the behavior to
avoid.
This change disables the trust and updates the comment to explicitly
say not only what the old problem was, but also that it was in fact a
problem and the action taken to prevent it.
Impact: prior to this change, if you had a UNIX-based hgweb server
where users can write hgrc files, those users could potentially read
any file readable by the web server.
This is marked as a backwards compatibility issue because people may
have configured templates without proper trust settings. Issue spotted
by Greg Szorc.
# record.py
#
# Copyright 2007 Bryan O'Sullivan <bos@serpentine.com>
#
# This software may be used and distributed according to the terms of the
# GNU General Public License version 2 or any later version.
'''commands to interactively select changes for commit/qrefresh'''
from mercurial.i18n import _
from mercurial import cmdutil, commands, extensions
from mercurial import util
# Command table of this extension. uisetup() stores the "qrecord" entry in
# it directly; the @command decorator built from it on the next line is what
# the command definitions below use (presumably it registers them here too).
cmdtable = {}
command = cmdutil.command(cmdtable)
# Note for extension authors: ONLY specify testedwith = 'internal' for
# extensions which SHIP WITH MERCURIAL. Non-mainline extensions should
# be specifying the version(s) of Mercurial they are tested with, or
# leave the attribute unspecified.
testedwith = 'internal'
@command("record",
         # Option list: everything 'commit' accepts except its own
         # "interactive" flag, followed by the white space diff options.
         [c for c in commands.table['^commit|ci'][1][:]
          if c[1] != "interactive"] + commands.diffwsopts,
         _('hg record [OPTION]... [FILE]...'))
def record(ui, repo, *pats, **opts):
    '''interactively select changes to commit

    If a list of files is omitted, all changes reported by :hg:`status`
    will be candidates for recording.

    See :hg:`help dates` for a list of formats valid for -d/--date.

    You will be prompted for whether to record changes to each
    modified file, and for files with multiple changes, for each
    change to use. For each query, the following responses are
    possible::

      y - record this change
      n - skip this change
      e - edit this change manually

      s - skip remaining changes to this file
      f - record remaining changes to this file

      d - done, skip remaining changes and files
      a - record all changes to all remaining files
      q - quit, recording no changes

      ? - display help

    This command is not available when committing a merge.'''
    # NOTE: the docstring above is kept word for word; it reads as the
    # user-facing help text of the command.

    # Selecting hunks needs a user at the terminal; refuse otherwise and
    # point the caller at plain 'commit'.
    if not ui.interactive():
        message = _('running non-interactively, use %s instead') % 'commit'
        raise util.Abort(message)

    # Delegate to commit with its interactive mode switched on.
    opts["interactive"] = True

    # experimental.crecord is forced to False only for the duration of the
    # commit; the saved value is put back even when commit raises.
    saved = ui.backupconfig('experimental', 'crecord')
    try:
        ui.setconfig('experimental', 'crecord', False, 'record')
        commands.commit(ui, repo, *pats, **opts)
    finally:
        ui.restoreconfig(saved)
def qrefresh(origfn, ui, repo, *pats, **opts):
    '''wrapper around mq's qrefresh that adds an interactive mode

    Without the interactive option the call is handed to origfn unchanged
    and its result is returned. With it, the changes are selected through
    cmdutil.dorecord and the patch is refreshed with what was accepted;
    nothing is returned in that case.
    '''
    if opts['interactive']:
        mqext = extensions.find('mq')

        def committomq(ui, repo, *pats, **opts):
            # By the time this callback runs, the working copy holds only
            # the accepted changes; everything else has been reverted.
            # *pats is deliberately not forwarded: qrefresh would undo all
            # other changed files in the patch that aren't in pats.
            mqext.refresh(ui, repo, **opts)

        # backup all changed files (presumably what the True argument
        # requests from dorecord; confirm against cmdutil)
        cmdutil.dorecord(ui, repo, committomq, None, True,
                         cmdutil.recordfilter, *pats, **opts)
        return None

    return origfn(ui, repo, *pats, **opts)
# This command registration is replaced during uisetup().
@command('qrecord',
         [],
         _('hg qrecord [OPTION]... PATCH [FILE]...'),
         inferrepo=True)
def qrecord(ui, repo, patch, *pats, **opts):
    '''interactively record a new patch

    See :hg:`help qnew` & :hg:`help record` for more information and
    usage.
    '''
    # The docstring above is kept word for word; it reads as the
    # user-facing help text. 'qnew' is handed to _qrecord as its
    # cmdsuggest argument.
    outcome = _qrecord('qnew', ui, repo, patch, *pats, **opts)
    return outcome
def _qrecord(cmdsuggest, ui, repo, patch, *pats, **opts):
    '''interactively select changes and store them in a new mq patch

    cmdsuggest is passed through to cmdutil.dorecord untouched (qrecord
    passes 'qnew', the qnew wrapper passes None). Aborts when the mq
    extension cannot be found, and lets repo.mq.checkpatchname vet the
    patch name before anything is recorded.
    '''
    try:
        mqext = extensions.find('mq')
    except KeyError:
        raise util.Abort(_("'mq' extension not loaded"))

    # Validate the name up front, before the user is asked anything.
    repo.mq.checkpatchname(patch)

    def committomq(ui, repo, *pats, **opts):
        # The name was already checked above, so the check is switched
        # off for the actual patch creation.
        opts['checkname'] = False
        mqext.new(ui, repo, patch, *pats, **opts)

    # experimental.crecord is forced to False only while dorecord runs;
    # the saved value is put back even when dorecord raises.
    saved = ui.backupconfig('experimental', 'crecord')
    try:
        ui.setconfig('experimental', 'crecord', False, 'record')
        cmdutil.dorecord(ui, repo, committomq, cmdsuggest, False,
                         cmdutil.recordfilter, *pats, **opts)
    finally:
        ui.restoreconfig(saved)
def qnew(origfn, ui, repo, patch, *args, **opts):
    '''wrapper around mq's qnew that adds an interactive mode

    With the interactive option set the patch is created through
    _qrecord (with no command suggestion); otherwise the call is handed
    to origfn unchanged.
    '''
    if not opts['interactive']:
        return origfn(ui, repo, patch, *args, **opts)
    return _qrecord(None, ui, repo, patch, *args, **opts)
def uisetup(ui):
    '''hook the interactive variants into mq, when mq is available

    Does nothing if the mq extension cannot be found. Otherwise the
    qrecord entry of this extension's command table is replaced and the
    qnew and qrefresh commands of mq are wrapped.
    '''
    try:
        mqext = extensions.find('mq')
    except KeyError:
        return

    # same options as qnew, but copy them so we don't get
    # -i/--interactive for qrecord and add white space diff options.
    # This has to happen before qnew is wrapped below, since wrapping
    # appends the -i option to qnew's own list.
    qrecordopts = mqext.cmdtable['^qnew'][1][:] + commands.diffwsopts
    synopsis = _('hg qrecord [OPTION]... PATCH [FILE]...')
    cmdtable["qrecord"] = (qrecord, qrecordopts, synopsis)

    qnewhelp = _("interactively record a new patch")
    _wrapcmd('qnew', mqext.cmdtable, qnew, qnewhelp)

    qrefreshhelp = _("interactively select changes to refresh")
    _wrapcmd('qrefresh', mqext.cmdtable, qrefresh, qrefreshhelp)
def _wrapcmd(cmd, table, wrapfn, msg):
    '''wrap cmd in table with wrapfn and give it an -i/--interactive flag

    msg is the help text attached to the new option.
    '''
    wrapped = extensions.wrapcommand(table, cmd, wrapfn)
    # Element 1 of the returned entry is treated as the command's option
    # list; the new flag is appended to it in place.
    optionlist = wrapped[1]
    optionlist.append(('i', 'interactive', None, msg))