Mercurial Mercurial > mercurial / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hgweb.cgi
author Danek Duvall <danek.duvall@oracle.com>
Fri, 27 May 2016 15:20:03 -0700
branchstable
changeset 29257 a9764ab80e11
parent 26421 4b0fc75f9403
child 43691 47ef023d0165
permissions -rwxr-xr-x
tests-subrepo-git: emit a different "pwned" message based on the test Having a single "pwned" message which may or may not be emitted during the tests for CVE-2016-3068 leads to extra confusion. Allow each test to emit a more detailed message based on what the expectations are. In both cases, we expect a version of git which has had the vulnerability plugged, as well as a version of mercurial which also knows about GIT_ALLOW_PROTOCOL. For the first test, we make sure GIT_ALLOW_PROTOCOL is unset, meaning that the ext-protocol subrepo should be ignored; if it isn't, there's either a problem with mercurial or the installed copy of git. For the second test, we explicitly allow ext-protocol subrepos, which means that the subrepo will be accessed and a message emitted confirming that this was, in fact, our intention.

#!/usr/bin/env python
#
# An example hgweb CGI script, edit as necessary
# See also https://mercurial-scm.org/wiki/PublishingRepositories

# Path to repo or hgweb config to serve (see 'hg help hgweb')
config = "/path/to/repo/or/config"

# Uncomment and adjust if Mercurial is not installed system-wide
# (consult "installed modules" path from 'hg debuginstall'):
#import sys; sys.path.insert(0, "/path/to/python/lib")

# Uncomment to send python tracebacks to the browser if an error occurs:
#import cgitb; cgitb.enable()

from mercurial import demandimport; demandimport.enable()
from mercurial.hgweb import hgweb, wsgicgi
application = hgweb(config)
wsgicgi.launch(application)
mercurial