Mercurial > hg > mercurial-crew-with-dirclash
view rewrite-log @ 1825:a9343f9d7365
Make hgweb.staticfile() more secure and portable.
Without this, files in directories next to the static directory starting
with 'static' could be retrieved, e.g. with '../static.private/foo'.
Additionally staticfile now generates platform specific pathnames from
the /-separated paths given in the URL.
Illegal file names (e.g. containing %00) now yield a sane error message.
author | Thomas Arendsen Hein <thomas@intevation.de> |
---|---|
date | Thu, 02 Mar 2006 09:17:04 +0100 |
parents | 5f471a75d607 |
children |
line wrap: on
line source
#!/usr/bin/env python import sys, os from mercurial import hg f = sys.argv[1] r1 = hg.revlog(open, f + ".i", f + ".d") r2 = hg.revlog(open, f + ".i2", f + ".d2") tr = hg.transaction(open, "journal") for i in xrange(r1.count()): n = r1.node(i) p1, p2 = r1.parents(n) l = r1.linkrev(n) t = r1.revision(n) n2 = r2.addrevision(t, tr, l, p1, p2) tr.close() os.rename(f + ".i", f + ".i.old") os.rename(f + ".d", f + ".d.old") os.rename(f + ".i2", f + ".i") os.rename(f + ".d2", f + ".d")