ui-snapshot: filter permitted snapshot requests Currently the snapshots configuration option only filters which links are displayed, not which snapshots may be generated and downloaded. Apply the filter also to requests to ensure that the system policy is enforced. Signed-off-by: John Keeping <john@keeping.me.uk> Reviewed-by: Christian Hesse <mail@eworm.de>
John Keeping john@keeping.me.uk
Sat, 31 Mar 2018 15:19:52 +0100
1 files changed,
1 insertions(+),
1 deletions(-)
jump to
M
ui-snapshot.c
→
ui-snapshot.c
@@ -194,7 +194,7 @@ return;
} f = get_format(filename); - if (!f) { + if (!f || !(ctx.repo->snapshots & f->bit)) { cgit_print_error_page(400, "Bad request", "Unsupported snapshot format: %s", filename); return;