Mercurial > hg

changeset 18496:d1c13a4dc638 stable

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
bookmarks: hide bookmarks on filtered revs from listkeys Don't expose unserved changesets to remote repos. Thanks to Sean Farley <sean.michael.farley@gmail.com> for tracking down the issue and Pierre-Yves David <pierre-yves.david@ens-lyon.org> for the fix.
author Kevin Bullock <kbullock@ringworld.org>
date Sun, 27 Jan 2013 15:13:53 -0600
parents 8260fa9f30b9
children a58d8936647a
files mercurial/bookmarks.py tests/test-hgweb-commands.t
diffstat 2 files changed, 8 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/mercurial/bookmarks.py	Sun Jan 27 14:24:37 2013 -0600
+++ b/mercurial/bookmarks.py	Sun Jan 27 15:13:53 2013 -0600
@@ -183,9 +183,10 @@
     marks = getattr(repo, '_bookmarks', {})
 
     d = {}
+    hasnode = repo.changelog.hasnode
     for k, v in marks.iteritems():
         # don't expose local divergent bookmarks
-        if '@' not in k or k.endswith('@'):
+        if hasnode(v) and ('@' not in k or k.endswith('@')):
             d[k] = hex(v)
     return d
 
--- a/tests/test-hgweb-commands.t	Sun Jan 27 14:24:37 2013 -0600
+++ b/tests/test-hgweb-commands.t	Sun Jan 27 15:13:53 2013 -0600
@@ -1386,4 +1386,10 @@
   $ QUERY_STRING='style=raw'
   $ python hgweb.cgi
 
+listbookmarks hides secret bookmarks
+
+  $ PATH_INFO=/; export PATH_INFO
+  $ QUERY_STRING='cmd=listkeys&namespace=bookmarks'
+  $ python hgweb.cgi
+
   $ cd ..