Mercurial > hg > mercurial-crew-with-dirclash
view hgweb.cgi @ 1825:a9343f9d7365
Make hgweb.staticfile() more secure and portable.
Without this, files in directories next to the static directory starting
with 'static' could be retrieved, e.g. with '../static.private/foo'.
Additionally staticfile now generates platform specific pathnames from
the /-separated paths given in the URL.
Illegal file names (e.g. containing %00) now yield a sane error message.
author | Thomas Arendsen Hein <thomas@intevation.de> |
---|---|
date | Thu, 02 Mar 2006 09:17:04 +0100 |
parents | 5f65a108a559 |
children | d0db3462d568 |
line wrap: on
line source
#!/usr/bin/env python # # An example CGI script to use hgweb, edit as necessary import cgitb, os, sys cgitb.enable() # sys.path.insert(0, "/path/to/python/lib") # if not a system-wide install from mercurial import hgweb h = hgweb.hgweb("/path/to/repo", "repository name") h.run()