use untrusted settings in hgweb
The only exceptions are web.static and web.templates, since they can
be used to get any file that is readable by the user running the CGI
script.
Other options can be (ab)used to increase the use of the cpu
(allow_bz2) or of the bandwidth (server.uncompressed), but they're
trusted anyway.
#!/bin/sh
#
# This is an example of using HGEDITOR to create of diff to review the
# changes while commiting.
# If you want to pass your favourite editor some other parameters
# only for Mercurial, modify this:
case "${EDITOR}" in
"")
EDITOR="vi"
;;
emacs)
EDITOR="$EDITOR -nw"
;;
gvim|vim)
EDITOR="$EDITOR -f -o"
;;
esac
HGTMP=""
cleanup_exit() {
rm -rf "$HGTMP"
}
# Remove temporary files even if we get interrupted
trap "cleanup_exit" 0 # normal exit
trap "exit 255" 1 2 3 6 15 # HUP INT QUIT ABRT TERM
HGTMP="${TMPDIR-/tmp}/hgeditor.$RANDOM.$RANDOM.$RANDOM.$$"
(umask 077 && mkdir "$HGTMP") || {
echo "Could not create temporary directory! Exiting." 1>&2
exit 1
}
(
grep '^HG: changed' "$1" | cut -b 13- | while read changed; do
hg diff "$changed" >> "$HGTMP/diff"
done
)
cat "$1" > "$HGTMP/msg"
MD5=$(which md5sum 2>/dev/null) || \
MD5=$(which md5 2>/dev/null)
[ -x "${MD5}" ] && CHECKSUM=`${MD5} "$HGTMP/msg"`
if [ -s "$HGTMP/diff" ]; then
$EDITOR "$HGTMP/msg" "$HGTMP/diff" || exit $?
else
$EDITOR "$HGTMP/msg" || exit $?
fi
[ -x "${MD5}" ] && (echo "$CHECKSUM" | ${MD5} -c >/dev/null 2>&1 && exit 13)
mv "$HGTMP/msg" "$1"
exit $?