Hi Richard,
This looks like really cool work. I'll review it this week and get
back to you. Thanks for submitting.
Jason
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Hey Christian,
This is very pretty. I'll test drive it for a few days, but I like it
overall.
[image: Inline image 1]
Thanks for the patch!
Jason
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Hey Peter,
I wonder if a better way would be match the particular libc out of
uname -o. In this case, GNU libc needs -ldl. Do other libcs also need
libdl? Seems like this might be slightly cleaner.
Any opinions on this list?
Jason
___
CGit mailing list
As always, thanks for staying on top of things. Merged!
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Sorry Kylle, something's been whonky with my MTA. Merging this now.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi folks,
CGit 1.0 is now available, with some new features, bug fixes, and
security fixes. While "1.0" usually means a great deal, it's nothing
special here. Instead, this is merely the "next" release, and now we can
finally move to semver. CGit ha
Hi guys,
After a huge period of being gone, I'm finally back. And thank god!
Cgit really needs a new release.
Please submit any showstopper bug fixes within the next day or so if
you'd like them in the next version.
Regards,
Jason
___
CGit mailing list
I'll try to hook this up to the lua scripting.
On holiday now in Japan, but I'll write more later when back at a real PC.
On Jun 3, 2016 10:46 PM, "Konstantin Ryabitsev" wrote:
> Hi, all:
>
> It would be handy to have a way to hide inactive repositories from the
> main index -- say, the ones tha
Does that vuln apply to our usage of libgit?
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Merged, thanks.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
On Thu, May 12, 2016 at 10:14 PM, Juuso Lapinlampi wrote:
> To be honest, it feels like handling canonical URIs is what the
> webserver should handle, not the CGI application unless I'm missing
> something here.
>
That's not how CGI works though.
___
C
Hi folks,
When Christian implemented /about/image.jpg handling, it brought up
the issue of /about vs /about/ and I wound up adding this commit [1]
to canonicalize that url so that rendered content would always wind up
referencing the correct relative path.
We have another potential issue, however
On Thu, May 12, 2016 at 9:36 PM, Juuso Lapinlampi wrote:
> The "diff options" in commit diff page also uses `action='.'`. That also
> creates an issue.
Just spotted that a second ago too. We should be all set now.
___
CGit mailing list
CGit@lists.zx2c4.
https://git.zx2c4.com/cgit/commit/?id=c34e28835bc06ea9f76f440909f59a697910e9e8
Voila.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Good idea with the Chrome developer tools. I just tried it myself, and
no it doesn't work.
The switch branch form works with https://git.zx2c4.com/zmusic-ng/ and
fails with https://git.zx2c4.com/zmusic-ng which is what I suspected.
It turns out action is not required either, and when omitted mean
This is live on git.zx2c4.com . So far it looks good to me.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
On Thu, May 12, 2016 at 6:16 PM, Paul Wise wrote:
>
> On Thu, 2016-05-12 at 17:51 +0200, Jason A. Donenfeld wrote:
>
> > Jusso has provided a patch.
>
> Do you have a link to the patch and discussion of it?
You can find it
Paul has provided a link. Jusso has provided a patch.
It is now the time for interested parties to write their most eloquent
defenses or offensives regarding vcs-git.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Are the two consumers listed in that document really the only two
consumers out there?
If so, I'm going to get rid of this.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
On Wed, May 11, 2016 at 7:48 PM, Juuso Lapinlampi wrote:
> CRLF is explicitly defined as the line break in the HTTP protocol
> specifications: RFC 2616 (obsolete) and RFC 7230.
But this is CGI, not HTTP.
___
CGit mailing list
CGit@lists.zx2c4.com
http:/
On Wed, May 11, 2016 at 9:38 PM, Juuso Lapinlampi wrote:
> I am aware, but small changes like these are not generally recognized to
> fit the threshold of originality for copyright protection. Thus, the
> idea of Signed-off is quite often silly.
I don't care. I don't care to debate it either. Do
Merged, thanks.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Could we instead just remove action? Does this work both in the case
of path/to/page and path/to/page/ ? Or in the former will this wind up
requesting path/to/.?
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
On Wed, May 11, 2016 at 8:56 PM, John Keeping wrote:
> This seems like a reasonable aim, but don't we need to actually *be*
> HTML(5?) as well in order to do this? Currently we close and
> tags even though HTML is explicit that this shouldn't be done.
No, in HTML5 you can do it if you want but
On Wed, May 11, 2016 at 8:04 PM, Juuso Lapinlampi wrote:
>
> static const char cgit_doctype[] =
> -" -" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\";>\n";
> +""\n";
Not syntactically valid C either. Test your commits before you submit.
On Wed, May 11, 2016 at 7:50 PM, Juuso Lapinlampi wrote:
> - cgit_print_docstart();
> - cgit_print_pageheader();
> + cgit_print_layout_start()
> va_start(ap, fmt);
You forgot a semicolon. Please test your commits before you submit.
Otherwise you waste everyone's time.
F
Hi Paul,
We added vcs-git per your request [1]. Now there's talk of removing it.
Could you give full justification for its existence? How is it useful?
What uses it?
Thanks,
Jason
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailma
Merged!
It's time we grow up.
If this causes rendering errors due to compatibility modes the prior
XHTML header was triggering, we can fix those up in subsequent
commits.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo
Merged, thanks.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Can you rename this from "summary-enable-split-repo-link" to
"split-summary-repo-link"?
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Merged, thanks.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Merged, thanks.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Merged, thanks.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Hey guys,
I'm in Greece then Japan traveling until the first week of July. I'll have
a few days in between to merge things, hopefully. Anyway, I'm here reading
your emails and patches.
Jason
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.
Yes, I'll try to get that done this weekend.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Are repos without .git/config necessarily invalid?
zx2c4@thinkpad ~ $ mkdir abcd
zx2c4@thinkpad ~ $ cd abcd
zx2c4@thinkpad ~/abcd $ git init
Initialized empty Git repository in /home/zx2c4/abcd/.git/
zx2c4@thinkpad ~/abcd $ touch file
zx2c4@thinkpad ~/abcd $ git add file
zx2c4@thinkpad ~/abcd $ gi
Are repos without .git/config necessarily invalid?
zx2c4@thinkpad ~ $ mkdir abcd
zx2c4@thinkpad ~ $ cd abcd
zx2c4@thinkpad ~/abcd $ git init
Initialized empty Git repository in /home/zx2c4/abcd/.git/
zx2c4@thinkpad ~/abcd $ touch file
zx2c4@thinkpad ~/abcd $ git add file
zx2c4@thinkpad ~/abcd $ gi
Ahh, good point.
There are a couple more calls to exit that I'm investigating. This is
certainly not the nicest way to handle things...
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Welp, in the last 2 days:
krantz log # grep git-daemon messages | grep 'Connection from' | wc -l
3079
So, I guess git:// will be sticking around, alas.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Hi guys,
When caching is turned on, if we exit(0) early from a cmd, the cache
won't be properly finalized (or even sent), and we get a server error
because of blank output. I just fixed this bug with redirect:
https://git.zx2c4.com/cgit/commit/?id=e9cbdf64632fbe64d6b0c4974ac947ef954938e7
This is
On Tue, Feb 23, 2016 at 3:44 PM, Christian Hesse wrote:
> Did pngcrush compress more? I tried optipng, but it did not change the file.
It managed to shave off a few bytes, yes.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/li
I would, instead, suggest this elegant hack:
zx2c4@thinkpad ~ $ cat a.c
int main(int argc, char *argv[])
{
printf("git's main\n");
}
zx2c4@thinkpad ~ $ cat b.c
#define main git_http_backend_main
#include "a.c"
#undef main
int main(int argc, char *argv[])
{
printf("cgit's main\n");
For the ricers out there, this might be desirable:
https://git.zx2c4.com/cgit/tree/cgit.conf?h=jd/zx2c4-deployment
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Thanks for posting that thread. I'd forgotten about that. I think my
views there are still solid:
We either use the hack from the manpage (which is what Brad's patch
does), or, so that we don't have to make compatibility infrastructure,
we simply work around this function so that we don't need it.
On Tue, Feb 23, 2016 at 10:45 AM, John Keeping wrote:
> It's because CGit only supports the dumb HTTP protocol whereas GitHub
> supports the smart protocol. git-http-backend(1) describes how to set
> up a webserver for to support the smart protocol.
>
> [aside: given the inefficiency of the dumb
Fixed.
https://git.zx2c4.com/cgit/commit/?id=c424b5cb0253d8b55d3932efa51aa703dab2bf40
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Yes, releases are. Obviously this conversation extends to much more
than releases, though. I sign tags too:
https://git.zx2c4.com/cgit/tag/?h=v0.12
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
On Tue, Feb 23, 2016 at 7:49 AM, Peter Colberg wrote:
> Would you reconsider opening the homepage link in the current tab
> by default? This way visitors have the option to open the homepage
> in new tab if they like (e.g., using middle-click), but they are not
> forced to do so.
As I understand
According the the FSF, we're allowed to distribute parts of it as we
are doing alongside cgit, without changing the status of cgit.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Thanks. I did actually do this myself in inkscape from an svg
representation of the font, but I must have hit the anti aliasing
button or something. Also, the opacity is much better, thanks.
I merged this, and also ran the png through pngcrush before.
__
On Tue, Feb 23, 2016 at 2:53 PM, Brian Minton wrote:
> Certainly got can sign individual tags with an OpenPGP key. Each commit is
> also hashed and the hashes are known. If you sign every commit, or at least
> every release, the code can't be tampered with. This is the workflow of, for
> instance,
On Tue, Feb 23, 2016 at 2:19 AM, Eric Wong wrote:
> I suggest keeping git:// running as automated mirrors may not be
> monitored very closely or easily updated.
That's a good point. I'd forgotten about automated mirrors. I'll keep
logs of the git:// pulls for a month or so and see if there are an
On Mon, Feb 22, 2016 at 9:43 PM, Joe Anakata
wrote:
> (Also it was mentioned this would only work for people making a fresh
> clone; anyone with an existing clone would almost certainly know
> something was up.)
No, definitely a MITM attack is feasible that would be fast
forwardable just fine for
On Mon, Feb 22, 2016 at 8:57 PM, Eclipse Webmaster (Denis Roy)
wrote:
>
> Everything is possible "in theory" ... But folks really need to stop
> thinking that https is the impenetrable solution to everything.
Are you aware of some attack on TLS 1.2 that I'm not?
__
Merged, thanks.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
On Tue, Feb 23, 2016 at 3:15 AM, Jason A. Donenfeld wrote:
> Subject: [PATCH] timegm() compat for non-Linux and non-BSD
What platform, specifically, do you have in mind?
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listi
>From 34e1cfd7f56e20c577cebba31e8235e101f95972 Mon Sep 17 00:00:00 2001
From: Brad Forschinger
Date: Tue, 23 Feb 2016 10:18:34 +1100
Subject: [PATCH] timegm() compat for non-Linux and non-BSD
---
cgit.mk| 9 +
ui-stats.c | 19 +++
2 files changed, 28 insertions(+)
d
-- Forwarded message --
From: Brad Forschinger
Date: Tue, Feb 23, 2016 at 12:27 AM
Subject: cgit: [PATCH] timegm() compat for non-Linux and non-BSD
To: ja...@zx2c4.com
Hi Jason,
I almost know that gmail will mangle the e-mail, so I'll include it as
an attachment.
Brad
From 34e1
https://git.zx2c4.com/git-daemon-dummy/about/
I just wrote this.
Will consider whether or not to deploy it.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
On Mon, Feb 22, 2016 at 8:18 PM, Ferry Huberts wrote:
> Yes, why?
> What's the point?
So that the contents of the repository cannot be modified in transit.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Well, uh oh speghettio!
Looks like somebody has published in paper the git:// URI:
https://books.google.fr/books?id=kJsQAwAAQBAJ&pg=PA314&lpg=PA314&dq=git://git.zx2c4.com&source=bl&ots=W6M9TlYzCY&sig=g-PY0glN2ddWygtFDLiHgbiC69I&hl=en&sa=X&redir_esc=y#v=onepage&q=git%3A%2F%2Fgit.zx2c4.com&f=false
Hello projects-with-mailing-lists,
Now that git.zx2c4.com runs over HTTPS, I'm considering getting rid of
the plaintext git:// endpoint for cloning.
This means:
git clone git://git.zx2c4.com/cgit
-->
git clone https://git.zx2c4.com/cgit
git clone git://git.zx2c4.com/password-store
-->
git clone
Hi guys,
We'll switch to semver. Why not? Our current versioning situation doesn't
make much sense.
That means the next release oughta be a nice one.
Thoughts?
Jason
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cg
Merged!
https://git.zx2c4.com/cgit/commit/?id=de6098be6a65a4758ff8eac6359bd6fd30ba7bd3
Thanks.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Here we go:
https://git.zx2c4.com/cgit/commit/?h=jd/zx2c4-deployment&id=e160fa1fe7efbae91ff04992df0b3464f43a4426
You can see it in action here:
https://git.zx2c4.com/password-store/
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailma
:03 PM, John Keeping wrote:
> On Mon, Feb 22, 2016 at 04:42:12PM +0100, Jason A. Donenfeld wrote:
> > Seems like a very useful feature. I'd like some feedback on ➦
> though.
> >
> > It'd be nice to have this:
> > http://fortawesome.github.io/Font-Awesome/i
Seems like a very useful feature. I'd like some feedback on ➦ though.
It'd be nice to have this:
http://fortawesome.github.io/Font-Awesome/icon/external-link/
or this:
http://www.fileformat.info/info/unicode/char/1f517/index.htm
But the former is overhead I won't accept and the latter isn't
avail
Signed-off-by: Jason A. Donenfeld
---
cgit.c | 4
cgit.h | 1 +
cgitrc.5.txt | 13 -
scan-tree.c | 2 ++
shared.c | 1 +
ui-shared.c | 5 +
6 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/cgit.c b/cgit.c
index 7f83a2d..fc482be 100644
Signed-off-by: Jason A. Donenfeld
---
cmd.c | 11 ++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/cmd.c b/cmd.c
index 3093c62..0375c5a 100644
--- a/cmd.c
+++ b/cmd.c
@@ -47,8 +47,17 @@ static void about_fn(void)
cgit_redirect(redirect, true
Hi folks,
We now have an HTTPS endpoint for cloning the repo more securely:
$ git clone https://git.zx2c4.com/cgit
Enjoy!
Jason
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Whoops. Thanks.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Okay, well, awaiting your fixup patches.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Merged, thanks.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
This series is faulty. See git.zx2c4.com
It shows (GMT) when those times are not GMT.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
http://git.zx2c4.com/cgit/commit/?id=a8b9ef8c1c68fbb9c89db2d8c12dca38c15e2bfd
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
On top of things as usual. Thanks Christian!
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Merged this series. Thanks!
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
On second thought, seeing as show_date isn't really reentrant either,
whatever. Lost cause at this point I suppose.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
This is a step away from obtaining the reentrancy we want(ed). I'll
merge this and then try to fix it up.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
With lots of tabs open containing many files from /tree, it's useful
to see which file is open. For this I'm reversing the components of
the path name, flipping the slash around, and pre-pending it to the
document title.
http://git.zx2c4.com/linux/tree/arch/x86/boot/copy.S
Take a look at the docu
-- Forwarded message --
From: Michael Krelin
Date: Fri, Jan 15, 2016 at 7:17 PM
Subject: Re: XSS in cgit
To: "Jason A. Donenfeld"
Cc: "cgit@lists.zx2c4.com"
Hey,
I can’t remember all the details (2008!), but the main idea was to
feed the URL directly to
So there is now only 1 issue remaining: 13839.
static void add_commit(struct string_list *authors, struct commit *commit,
const struct cgit_period *period)
{
struct commitinfo *info;
struct string_list_item *author, *item;
struct authorstat *authorstat;
stru
Thanks John!
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Make "scan-path" the last line.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Hi Michael,
Thanks for your response. So the use case was in fact quite specific,
and it seems like our recent treatment of the /plain endpoint handles
that quite well and in a safe manner too.
Okay, I feel solid about the change now. Thanks a bunch.
Jason
___
Hi Michael,
Care to enlighten us what the use case behind 42effc9 [1] was?
Thanks,
Jason
[1]
http://git.zx2c4.com/cgit/commit/?id=42effc939090b2fbf1b2b76cd1d9c30fabcd230e
On Fri, Jan 15, 2016 at 12:34 PM, Jason A. Donenfeld wrote:
>
> On Jan 13, 2016 9:11 PM, "Eric Wong" wro
On Jan 13, 2016 9:11 PM, "Eric Wong" wrote:
>
> "Jason A. Donenfeld" wrote:
> > Given all this, could somebody remind me why we have both /plain and
> > /blob handlers? And if it's still necessary to maintain a distinction?
> > If not, I will gl
-- Forwarded message --
From:
Date: Thu, Jan 14, 2016 at 5:55 PM
Subject: Re: CVE Request: CGit - Multiple vulnerabilities
To: ja...@zx2c4.com
Cc: cve-ass...@mitre.org, oss-secur...@lists.openwall.com,
krzysztof.kowalew...@eset.pl, e...@includesecurity.com
-BEGIN PGP SIGNED
These issues are fixed in the new release, v0.12:
http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi folks,
CGit 0.12 is now available, with some important features, bug fixes, and
security fixes.
== CGit on the Web ==
* homepage: http://git.zx2c4.com/cgit/about/
* git repository: http://git.zx2c4.com/cgit/
* git clone: git://git.zx2c4.com/c
Hi guys,
With these security vulns, I really really ought to stop putting it
off and make a new release as soon as possible.
Please please please - would somebody take the time to work through
the rest of our Coverity findings and send patches etc?
Thanks,
Jason
_
Hi folks,
Krzysztof Katowicz-Kowalewski from ESET, Erik Cabetas from Include
Security, and myself (Jason Donenfeld) from Edge Security, have found
a few vulnerabilities in CGit:
1. Reflected Cross Site Scripting & Header Injection in Mimetype Query
String [Katowicz-Kowalewski]
The ui-blob handl
I've begun work on this. I'll post a summary of things in a bit.
Krzysztof - still waiting to hear from you.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Okay, that's compelling enough.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
Merged! Thanks.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
John - what compilers do you have in mind that don't accept this flag?
I rather like it.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
I like this idea. The hard part is -- when HTML-serving mode is not
enabled, what mime types do we restrict? Krzysztof - is there a safe
and future-proof list of mimetypes that we can blacklist?
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c
On Thu, Jan 14, 2016 at 11:57 AM, John Keeping wrote:
> I wonder if we should just drop support for the "mimetype" query
> parameter and see if anyone complains. In general, I would expect it to
> be the server's responsibility to decide on the type of its output and
> allowing the client to over
Thanks Peter. I merged this with some changes:
http://git.zx2c4.com/cgit/commit/?id=9abe4a26a92b91170cb9c5dab830b40fb1e0327f
Note that in C you need to specify (void) in the argument list if it
doesn't take any arguments. Otherwise it takes a variable number of
arguments.
Merged this. Thanks for the helper function.
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
201 - 300 of 708 matches
Mail list logo