Mercurial > public > mercurial-scm > hg
comparison mercurial/revset.py @ 30850:41e31a6f5296 stable
revset: prevent using outgoing() and remote() in hgweb session (BC)
outgoing() and remote() may stall for long due to network I/O, which seems
unsafe per definition, "whether a predicate is safe for DoS attack." But I'm
not 100% sure about this. If our concern isn't elapsed time but CPU resource,
these predicates are considered safe. Perhaps that would be up to the
web/application server configuration?
Anyway, outgoing() and remote() wouldn't be useful in hgweb, so I think
it's okay to ban them.
| author | Yuya Nishihara <yuya@tcha.org> |
|---|---|
| date | Fri, 20 Jan 2017 21:33:18 +0900 |
| parents | 4227f80f72b2 |
| children | 1be65deb3d54 |
comparison
equal
deleted
inserted
replaced
| 30849:763031a7690d | 30850:41e31a6f5296 |
|---|---|
| 1544 o -= set([None]) | 1544 o -= set([None]) |
| 1545 # XXX we should turn this into a baseset instead of a set, smartset may do | 1545 # XXX we should turn this into a baseset instead of a set, smartset may do |
| 1546 # some optimizations from the fact this is a baseset. | 1546 # some optimizations from the fact this is a baseset. |
| 1547 return subset & o | 1547 return subset & o |
| 1548 | 1548 |
| 1549 @predicate('outgoing([path])', safe=True) | 1549 @predicate('outgoing([path])', safe=False) |
| 1550 def outgoing(repo, subset, x): | 1550 def outgoing(repo, subset, x): |
| 1551 """Changesets not found in the specified destination repository, or the | 1551 """Changesets not found in the specified destination repository, or the |
| 1552 default push location. | 1552 default push location. |
| 1553 """ | 1553 """ |
| 1554 # Avoid cycles. | 1554 # Avoid cycles. |
| 1735 target = phases.public | 1735 target = phases.public |
| 1736 condition = lambda r: phase(repo, r) == target | 1736 condition = lambda r: phase(repo, r) == target |
| 1737 return subset.filter(condition, condrepr=('<phase %r>', target), | 1737 return subset.filter(condition, condrepr=('<phase %r>', target), |
| 1738 cache=False) | 1738 cache=False) |
| 1739 | 1739 |
| 1740 @predicate('remote([id [,path]])', safe=True) | 1740 @predicate('remote([id [,path]])', safe=False) |
| 1741 def remote(repo, subset, x): | 1741 def remote(repo, subset, x): |
| 1742 """Local revision that corresponds to the given identifier in a | 1742 """Local revision that corresponds to the given identifier in a |
| 1743 remote repository, if present. Here, the '.' identifier is a | 1743 remote repository, if present. Here, the '.' identifier is a |
| 1744 synonym for the current local branch. | 1744 synonym for the current local branch. |
| 1745 """ | 1745 """ |