Alexis S. L. Carvalho <alexis@cecm.usp.br> [Thu, 26 Oct 2006 19:25:45 +0200] rev 3541
use untrusted settings in hgweb
The only exceptions are web.static and web.templates, since they can
be used to get any file that is readable by the user running the CGI
script.
Other options can be (ab)used to increase the use of the cpu
(allow_bz2) or of the bandwidth (server.uncompressed), but they're
trusted anyway.
Alexis S. L. Carvalho <alexis@cecm.usp.br> [Thu, 26 Oct 2006 19:25:45 +0200] rev 3540
add untrusted argument to patch.diffopts
Alexis S. L. Carvalho <alexis@cecm.usp.br> [Thu, 26 Oct 2006 19:25:45 +0200] rev 3539
add --untrusted to showconfig
Alexis S. L. Carvalho <alexis@cecm.usp.br> [Thu, 26 Oct 2006 19:25:45 +0200] rev 3538
save settings from untrusted config files in a separate configparser
This untrusted configparser is a superset of the trusted configparser,
so that interpolation still works.
Also add an "untrusted" argument to ui.config* to allow querying
ui.ucdata.
With --debug, we print a warning when we read an untrusted config
file, and when we try to access a trusted setting that has one value
in the trusted configparser and another in the untrusted configparser.