[PATCH 1/4] snapshots: Don't allow sneaked in snapshots requests
cgit at cryptocrack.de
Sun Feb 2 15:49:17 CET 2014
On Sat, 01 Feb 2014 at 15:54:22, Sebastian Andrzej Siewior wrote:
> On 18.01.14, Sebastian Andrzej Siewior wrote:
> > If the snapshots are not enabled then the frontend won't show a link to it.
> > The skilled user however may construct the URL on his own and the frontend
> > will obey the request.
> > This patch adds a check for this case so the requst won't be served.
> Any comments on this one?
While I like this idea , I think that Jason is reluctant to add this
"fix" . I am putting "fix" in quotes because being able to access
"disabled" snapshots is documented since commit 70546a3 (cgitrc.5.txt:
Fix documentation of the snapshot mask, 2014-01-13) .
> CGit mailing list
> CGit at lists.zx2c4.com
More information about the CGit