Mercurial > hg
view hgweb.cgi @ 28342:bd05d38a1002
chgserver: use basename for socket symlink
Previously we use full path and the symlink may point to outside (unsafe)
world if the directory is moved. This patch fixes it by only linking to
basename of the target. Therefore the symbolic link and socket files will
always stay in the same directory.
author | Jun Wu <quark@fb.com> |
---|---|
date | Fri, 04 Mar 2016 13:18:02 +0000 |
parents | 4b0fc75f9403 |
children | 47ef023d0165 |
line wrap: on
line source
#!/usr/bin/env python # # An example hgweb CGI script, edit as necessary # See also https://mercurial-scm.org/wiki/PublishingRepositories # Path to repo or hgweb config to serve (see 'hg help hgweb') config = "/path/to/repo/or/config" # Uncomment and adjust if Mercurial is not installed system-wide # (consult "installed modules" path from 'hg debuginstall'): #import sys; sys.path.insert(0, "/path/to/python/lib") # Uncomment to send python tracebacks to the browser if an error occurs: #import cgitb; cgitb.enable() from mercurial import demandimport; demandimport.enable() from mercurial.hgweb import hgweb, wsgicgi application = hgweb(config) wsgicgi.launch(application)