On 14/01/16 12:07, John Keeping wrote:
> On Thu, Jan 14, 2016 at 12:01:57PM +0100, Jason A. Donenfeld wrote:
>> On Thu, Jan 14, 2016 at 11:57 AM, John Keeping <[email protected]> wrote:
>>> I wonder if we should just drop support for the "mimetype" query
>>> parameter and see if anyone complains. In general, I would expect it to
>>> be the server's responsibility to decide on the type of its output and
>>> allowing the client to override it seems like a problem in general.
>>
>> Agreed here.

Me too.

>> We still have the other issue of git repos containing valid html with
>> malicious scripts and whatnot, though. Can we simply kill the feature
>> of allowing HTML to be served from cgit? This would indeed fix the
>> security issue in the best way. But would folks complain?
>
> Unlike the "mimetype" query parameter, I can see valid use cases for
> serving HTML from repositories with CGit (I've even used it myself in
> the past), so I expect there will be complaints for that one.
>
> Could we add a config knob for serving HTML and turn it off by default?
> That will allow people who trust their repository contents to use this
> feature while protecting everyone else.

Good idea.

With a big fat warning that enabling it will possibly open you up to XSS
attacks, especially when the repo is not under your control.
_______________________________________________
CGit mailing list
[email protected]
http://lists.zx2c4.com/mailman/listinfo/cgit
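The decision the thread argues about, modelled as an added example that is not cgit's own code: the Content-Type for a blob is chosen first by the old rule (the client's `?mimetype=` parameter wins), then by the proposed rule (repository content is never served as a scriptable document unless the operator has turned the knob on). The knob names, the extension-to-type map and the sample request paths are assumptions made for illustration, not cgit's real configuration.

```c
/*
 * Added example, not cgit's own code. Models the Content-Type decision for a
 * blob served out of a git repository. The two flags, the extension map and
 * the sample paths are assumptions for illustration only.
 */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for the server's extension-to-mimetype map (assumption). */
static const char *guess_mimetype(const char *path)
{
    const char *dot = strrchr(path, '.');
    if (!dot)
        return "text/plain";
    if (!strcmp(dot, ".html") || !strcmp(dot, ".htm"))
        return "text/html";
    if (!strcmp(dot, ".xhtml"))
        return "application/xhtml+xml";
    if (!strcmp(dot, ".svg"))
        return "image/svg+xml";
    if (!strcmp(dot, ".css"))
        return "text/css";
    if (!strcmp(dot, ".png"))
        return "image/png";
    return "text/plain";
}

/* Types a browser parses as a document and runs script from (SVG included). */
static bool is_scriptable(const char *type)
{
    return !strcmp(type, "text/html") ||
           !strcmp(type, "application/xhtml+xml") ||
           !strcmp(type, "image/svg+xml");
}

/*
 * Decide the Content-Type for a blob.
 *   honor_client_mimetype: the old behaviour, ?mimetype= overrides the server.
 *   enable_html_serving:   the proposed knob, off by default.
 * Returns a static string for the Content-Type header.
 */
const char *choose_content_type(bool honor_client_mimetype, bool enable_html_serving,
                                const char *path, const char *client_mimetype)
{
    const char *type = guess_mimetype(path);

    /* Vulnerable rule: an attacker links to ?mimetype=text/html for any blob,
     * e.g. a "README" whose body is really <script>...</script>. */
    if (honor_client_mimetype && client_mimetype && *client_mimetype)
        type = client_mimetype;

    /* Hardened default: repository content is never served as a scriptable
     * document unless the operator opted in, whatever the extension says or
     * the client asked for. */
    if (!enable_html_serving && is_scriptable(type))
        type = "text/plain";

    return type;
}

/* Build the response headers. nosniff stops the browser from second-guessing
 * a text/plain answer and sniffing it back into HTML. */
int format_headers(char *buf, size_t len, bool honor_client_mimetype,
                   bool enable_html_serving, const char *path,
                   const char *client_mimetype)
{
    const char *type = choose_content_type(honor_client_mimetype, enable_html_serving,
                                           path, client_mimetype);
    return snprintf(buf, len,
                    "Content-Type: %s\r\n"
                    "X-Content-Type-Options: nosniff\r\n",
                    type);
}

int main(void)
{
    char hdr[256];

    /* Constructed request: blob "README" fetched with ?mimetype=text/html. */
    format_headers(hdr, sizeof hdr, true, true, "README", "text/html");
    printf("old behaviour (client override honoured):\n%s\n", hdr);

    format_headers(hdr, sizeof hdr, false, false, "README", "text/html");
    printf("hardened default (knob off):\n%s\n", hdr);

    format_headers(hdr, sizeof hdr, false, true, "docs/index.html", NULL);
    printf("operator opted in (knob on, server picks the type):\n%s\n", hdr);
    return 0;
}
```

With the knob off, an `index.html` committed by anyone with push access comes back as `text/plain` and is displayed, not executed; with the knob on, it is served as HTML, which is exactly the XSS exposure the warning in the thread is about, so the knob belongs only on instances whose repositories are all under the operator's control.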