Mercurial Mercurial > mercurial / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
tests/test-clone-cgi.t
author Blake Burkhart <bburky@bburky.com>
Wed, 06 Apr 2016 22:57:46 -0500
branchstable
changeset 29051 a56296f55a5e
parent 22046 7a9cbb315d84
child 32940 75be14993fda
permissions -rw-r--r--
convert: pass absolute paths to git (SEC) Fixes CVE-2016-3105 (1/1). Previously, it was possible for the repository path passed to git-ls-remote to be misinterpreted as a URL. Always passing an absolute path to git is a simple way to avoid this.

#require no-msys # MSYS will translate web paths as if they were file paths

This is a test of the wire protocol over CGI-based hgweb.
initialize repository

  $ hg init test
  $ cd test
  $ echo a > a
  $ hg ci -Ama
  adding a
  $ cd ..
  $ cat >hgweb.cgi <<HGWEB
  > #
  > # An example CGI script to use hgweb, edit as necessary
  > import cgitb
  > cgitb.enable()
  > from mercurial import demandimport; demandimport.enable()
  > from mercurial.hgweb import hgweb
  > from mercurial.hgweb import wsgicgi
  > application = hgweb("test", "Empty test repository")
  > wsgicgi.launch(application)
  > HGWEB
  $ chmod 755 hgweb.cgi

try hgweb request

  $ . "$TESTDIR/cgienv"
  $ QUERY_STRING="cmd=changegroup&roots=0000000000000000000000000000000000000000"; export QUERY_STRING
  $ python hgweb.cgi >page1 2>&1
  $ python "$TESTDIR/md5sum.py" page1
  1f424bb22ec05c3c6bc866b6e67efe43  page1

make sure headers are sent even when there is no body

  $ QUERY_STRING="cmd=listkeys&namespace=nosuchnamespace" python hgweb.cgi
  Status: 200 Script output follows\r (esc)
  Content-Type: application/mercurial-0.1\r (esc)
  Content-Length: 0\r (esc)
  \r (esc)
mercurial