view tests/test-hgweb-non-interactive.t @ 49241:6b10151b9621 stable 6.1.3

narrow_widen_acl: enforce narrowacl in narrow_widen (SEC)

Reviewer note: this was sent by the author as a simple bugfix, but can be considered a security patch, since it allows users to access things outside of the ACL, hence the (SEC) prefix. However, this affects the `narrow` extension, which is still marked as experimental and has relatively few users aside from large companies with their own security layers on top, from what we can gather. We feel (Alphare: or at least, I feel) like pinging the packaging list is enough in this case.
author Sandu Turcan <idlsoft@gmail.com>
date Tue, 03 May 2022 21:44:30 -0400
parents 4c1b4805db57
children 42d2b31cee0b

Tests if hgweb can run without touching sys.stdin, as is required
by the WSGI standard and strictly implemented by mod_wsgi.

  $ hg init repo
  $ cd repo
  $ echo foo > bar
  $ hg add bar
  $ hg commit -m "test"
  $ cat > request.py <<EOF
  > from __future__ import absolute_import
  > import os
  > import sys
  > from mercurial import (
  >     dispatch,
  >     encoding,
  >     hg,
  >     ui as uimod,
  >     util,
  > )
  > from mercurial.utils import (
  >     procutil,
  > )
  > ui = uimod.ui
  > from mercurial.hgweb import hgweb_mod
  > stringio = util.stringio
  > 
  > # Wrapper around the real stdin: any access prints a marker to the real
  > # stdout, which would show up as unexpected output and fail this test.
  > class FileLike(object):
  >     def __init__(self, real):
  >         self.real = real
  >     def fileno(self):
  >         sys.__stdout__.write('FILENO\n')
  >         return self.real.fileno()
  >     def read(self):
  >         sys.__stdout__.write('READ\n')
  >         return self.real.read()
  >     def readline(self):
  >         sys.__stdout__.write('READLINE\n')
  >         return self.real.readline()
  > 
  > sys.stdin = FileLike(sys.stdin)
  > errors = stringio()
  > input = stringio()
  > output = stringio()
  > 
  > def startrsp(status, headers):
  >     print('---- STATUS')
  >     print(status)
  >     print('---- HEADERS')
  >     print([i for i in headers if i[0] != 'ETag'])
  >     print('---- DATA')
  >     return output.write
  > 
  > env = {
  >     'wsgi.version': (1, 0),
  >     'wsgi.url_scheme': 'http',
  >     'wsgi.errors': errors,
  >     'wsgi.input': input,
  >     'wsgi.multithread': False,
  >     'wsgi.multiprocess': False,
  >     'wsgi.run_once': False,
  >     'REQUEST_METHOD': 'GET',
  >     'SCRIPT_NAME': '',
  >     'PATH_INFO': '',
  >     'QUERY_STRING': '',
  >     'SERVER_NAME': '$LOCALIP',
  >     'SERVER_PORT': os.environ['HGPORT'],
  >     'SERVER_PROTOCOL': 'HTTP/1.0'
  > }
  > 
  > i = hgweb_mod.hgweb(b'.')
  > for c in i(env, startrsp):
  >     pass
  > sys.stdout.flush()
  > procutil.stdout.write(b'---- ERRORS\n')
  > procutil.stdout.write(b'%s\n' % errors.getvalue())
  > print('---- OS.ENVIRON wsgi variables')
  > print(sorted([x for x in os.environ if x.startswith('wsgi')]))
  > print('---- request.ENVIRON wsgi variables')
  > with i._obtainrepo() as repo:
  >     print(sorted([encoding.strfromlocal(x) for x in repo.ui.environ
  >                   if x.startswith(b'wsgi')]))
  > EOF
  $ "$PYTHON" request.py
  ---- STATUS
  200 Script output follows
  ---- HEADERS
  [('Content-Type', 'text/html; charset=ascii')]
  ---- DATA
  ---- ERRORS
  
  ---- OS.ENVIRON wsgi variables
  []
  ---- request.ENVIRON wsgi variables
  ['wsgi.errors', 'wsgi.input', 'wsgi.multiprocess', 'wsgi.multithread', 'wsgi.run_once', 'wsgi.url_scheme', 'wsgi.version']

  $ cd ..