routes: disable git push
Anirudh Oppiliappan x@icyphox.sh
PGP Signature
-----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEE/huPz+bBYiLxVxyOipP5b3jF1MQFAmOZ9WEACgkQipP5b3jF 1MQwDwgAmbtFE7pDREbYSt4MN3fV3qP/TRk2yGlHj92NNlpMXJZ8xmsDA1Yekbsr 2WSyoT/VyHYY55havV/Q0XANHY8Atix5pLwKmkN7aVx8R4EOFS5Eqx+nBkIaWCBI LLD/yqvZFcXuevHgV/4AfL0xfhus0UTRq15cWyp3XDDU4lO9frdaBaVuuPR1pSsY YpYXr8ZfljbMORAi7zD39umcjYvpJPQHPojOsls+ZcwiEf31LznHM/OPaUPmUMOU eZCDBJJbx2OY9YgXm2MjLjahewFpSMqOwxS9xBnPnXRttIoK6XZ+hcwlQHt6+uL1 GSk316x9F33rIeLQ8r2+FX/5scpxoQ== =PenE -----END PGP SIGNATURE-----
1 files changed,
9 insertions(+),
6 deletions(-)
jump to
M
routes/handler.go
→
routes/handler.go
@@ -4,7 +4,6 @@ import (
"log" "net/http" "path/filepath" - "regexp" "github.com/alexedwards/flow" "github.com/sosedoff/gitkit"@@ -16,20 +15,24 @@ actualDeps deps
gitsvc *gitkit.Server } -// Checks for gitprotocol-http(5) specific query params; if found, passes +// Checks for gitprotocol-http(5) specific smells; if found, passes // the request on to the git http service, else render the web frontend. func (dw *depsWrapper) Multiplex(w http.ResponseWriter, r *http.Request) { path := flow.Param(r.Context(), "...") name := flow.Param(r.Context(), "name") name = filepath.Clean(name) - gitCommand := regexp.MustCompile(`git-(upload|receive)-pack`) + + if r.URL.RawQuery == "service=git-receive-pack" { + w.WriteHeader(http.StatusBadRequest) + w.Write([]byte("no pushing allowed!")) + return + } - if path == "info/refs" && gitCommand.MatchString(r.URL.RawQuery) && r.Method == "GET" { + if path == "info/refs" && r.URL.RawQuery == "service=git-upload-pack" && r.Method == "GET" { dw.gitsvc.ServeHTTP(w, r) - } else if gitCommand.MatchString(path) && r.Method == "POST" { + } else if path == "git-upload-pack" && r.Method == "POST" { dw.gitsvc.ServeHTTP(w, r) } else if r.Method == "GET" { - log.Println("index:", r.URL.String()) dw.actualDeps.RepoIndex(w, r) } }