# HG changeset patch
# User Brodie Rao <brodie@bitheap.org>
# Date 1301540491 25200
# Node ID 7f18bab2c0b0db634aa001a02ac7b7d68ad6fc3d
# Parent  2540f8087e020a3fdc1e6f05f91b8edac972ab5d
url: abort on file:// URLs with non-localhost hosts

diff -r 2540f8087e02 -r 7f18bab2c0b0 mercurial/url.py
--- a/mercurial/url.py	Wed Mar 30 20:00:24 2011 -0700
+++ b/mercurial/url.py	Wed Mar 30 20:01:31 2011 -0700
@@ -140,6 +140,11 @@
                 self.host, self.port = self.host.rsplit(':', 1)
                 if not self.host:
                     self.host = None
+
+            if (self.host and self.scheme == 'file' and
+                self.host not in ('localhost', '127.0.0.1', '[::1]')):
+                raise util.Abort(_('file:// URLs can only refer to localhost'))
+
         self.path = path
 
         for a in ('user', 'passwd', 'host', 'port',
diff -r 2540f8087e02 -r 7f18bab2c0b0 tests/test-pull.t
--- a/tests/test-pull.t	Wed Mar 30 20:00:24 2011 -0700
+++ b/tests/test-pull.t	Wed Mar 30 20:01:31 2011 -0700
@@ -78,4 +78,8 @@
 
   $ URL=`python -c "import os; print 'file://foobar' + ('/' + os.getcwd().replace(os.sep, '/')).replace('//', '/') + '/../test'"`
   $ hg pull -q "$URL"
+  abort: file:// URLs can only refer to localhost
+  [255]
 
+  $ URL=`python -c "import os; print 'file://localhost' + ('/' + os.getcwd().replace(os.sep, '/')).replace('//', '/') + '/../test'"`
+  $ hg pull -q "$URL"
diff -r 2540f8087e02 -r 7f18bab2c0b0 tests/test-url.py
--- a/tests/test-url.py	Wed Mar 30 20:00:24 2011 -0700
+++ b/tests/test-url.py	Wed Mar 30 20:01:31 2011 -0700
@@ -158,6 +158,13 @@
     >>> url('/x///z/y/')
     <url path: '/x///z/y/'>
 
+    Non-localhost file URL:
+
+    >>> u = url('file://mercurial.selenic.com/foo')
+    Traceback (most recent call last):
+      File "<stdin>", line 1, in ?
+    Abort: file:// URLs can only refer to localhost
+
     Empty URL:
 
     >>> u = url('')