view tests/test-audit-path.t @ 30832:da5fa0f13a41
ui: introduce an experimental dict of exportable environment variables
Care needs to be taken to prevent leaking potentially sensitive environment
variables through hgweb, if template support for environment variables is to be
introduced. There are a few ideas about the API for preventing accidental
leaking [1]. Option 3 seems best from the POV of not needing to configure
anything in the normal case. I couldn't figure out how to do that, so guard it
with an experimental option for now.
[1] https://www.mercurial-scm.org/pipermail/mercurial-devel/2017-January/092383.html
| author | Matt Harbison <matt_harbison@yahoo.com> |
|---|---|
| date | Tue, 17 Jan 2017 23:05:12 -0500 |
| parents | 15c6eb0a51bd |
| children | 0134d839444b |
```
  $ hg init

audit of .hg

  $ hg add .hg/00changelog.i
  abort: path contains illegal component: .hg/00changelog.i (glob)
  [255]

#if symlink

Symlinks

  $ mkdir a
  $ echo a > a/a
  $ hg ci -Ama
  adding a/a
  $ ln -s a b
  $ echo b > a/b
  $ hg add b/b
  abort: path 'b/b' traverses symbolic link 'b' (glob)
  [255]
  $ hg add b

should still fail - maybe

  $ hg add b/b
  abort: path 'b/b' traverses symbolic link 'b' (glob)
  [255]

  $ hg commit -m 'add symlink b'


Test symlink traversing when accessing history:
-----------------------------------------------

(build a changeset where the path exists as a directory)

  $ hg up 0
  0 files updated, 0 files merged, 1 files removed, 0 files unresolved
  $ mkdir b
  $ echo c > b/a
  $ hg add b/a
  $ hg ci -m 'add directory b'
  created new head

Test that hg cat does not do anything wrong the working copy has 'b' as directory

  $ hg cat b/a
  c
  $ hg cat -r "desc(directory)" b/a
  c
  $ hg cat -r "desc(symlink)" b/a
  b/a: no such file in rev bc151a1f53bd
  [1]

Test that hg cat does not do anything wrong the working copy has 'b' as a symlink (issue4749)

  $ hg up 'desc(symlink)'
  1 files updated, 0 files merged, 1 files removed, 0 files unresolved
  $ hg cat b/a
  b/a: no such file in rev bc151a1f53bd
  [1]
  $ hg cat -r "desc(directory)" b/a
  c
  $ hg cat -r "desc(symlink)" b/a
  b/a: no such file in rev bc151a1f53bd
  [1]

#endif


unbundle tampered bundle

  $ hg init target
  $ cd target
  $ hg unbundle "$TESTDIR/bundles/tampered.hg"
  adding changesets
  adding manifests
  adding file changes
  added 5 changesets with 6 changes to 6 files (+4 heads)
  (run 'hg heads' to see heads, 'hg merge' to merge)

attack .hg/test

  $ hg manifest -r0
  .hg/test
  $ hg update -Cr0
  abort: path contains illegal component: .hg/test (glob)
  [255]

attack foo/.hg/test

  $ hg manifest -r1
  foo/.hg/test
  $ hg update -Cr1
  abort: path 'foo/.hg/test' is inside nested repo 'foo' (glob)
  [255]

attack back/test where back symlinks to ..

  $ hg manifest -r2
  back
  back/test
#if symlink
  $ hg update -Cr2
  abort: path 'back/test' traverses symbolic link 'back'
  [255]
#else
('back' will be a file and cause some other system specific error)
  $ hg update -Cr2
  abort: * (glob)
  [255]
#endif

attack ../test

  $ hg manifest -r3
  ../test
  $ hg update -Cr3
  abort: path contains illegal component: ../test (glob)
  [255]

attack /tmp/test

  $ hg manifest -r4
  /tmp/test
  $ hg update -Cr4
  abort: path contains illegal component: /tmp/test (glob)
  [255]

  $ cd ..
```
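
The five rejections this test expects (a leading `.hg`, a nested `.hg`, a symlinked parent directory, `..`, and an absolute path) can be reproduced with a small path auditor. This is an added example, not Mercurial's own implementation: `AuditError`, `audit_path`, `audit_manifest` and the constructed `target` working copy are hypothetical, and the messages are modelled on the expected output in the test.

```python
import os
import tempfile

class AuditError(Exception):
    """A repository-relative path is unsafe to write into the working copy."""

def audit_path(root, path):
    """Return `path` if it is safe to create under `root`, else raise AuditError."""
    parts = path.replace("\\", "/").split("/")
    lowered = [p.lower() for p in parts]
    # Absolute paths, empty components, '..' and a leading .hg are illegal.
    if os.path.isabs(path) or "" in parts or ".." in parts or lowered[0] == ".hg":
        raise AuditError("path contains illegal component: %s" % path)
    # A .hg component deeper in the path targets a nested repository's metadata.
    if ".hg" in lowered[1:]:
        base = "/".join(parts[:lowered.index(".hg")])
        raise AuditError("path '%s' is inside nested repo '%s'" % (path, base))
    # Check every parent directory on disk: following a symlink could place
    # the file outside `root` even though the path looks harmless lexically.
    for i in range(1, len(parts)):
        if os.path.islink(os.path.join(root, *parts[:i])):
            link = "/".join(parts[:i])
            raise AuditError("path '%s' traverses symbolic link '%s'" % (path, link))
    return path

def audit_manifest(root, paths):
    """Audit each path; map it to 'ok' or to the rejection message."""
    results = {}
    for p in paths:
        try:
            audit_path(root, p)
            results[p] = "ok"
        except AuditError as exc:
            results[p] = str(exc)
    return results

def demo():
    """Constructed working copy: 'back' is a symlink to the parent directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "target")
        os.makedirs(os.path.join(root, "a"))
        os.symlink("..", os.path.join(root, "back"))
        return audit_manifest(root, [
            ".hg/test", "foo/.hg/test", "back/test", "../test", "/tmp/test",
            "a/ok.txt", "back"])

if __name__ == "__main__":
    for path, verdict in demo().items():
        print("%-14s %s" % (path, verdict))
```

The symlink `back` itself passes the audit, as `hg add b` does in the test; only paths that go through it are rejected.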