Mercurial > public > mercurial-scm > hg
comparison mercurial/hgweb/common.py @ 34585:f28c85e29afc
configitems: register the 'web.push_ssl' config
| author | Boris Feld <boris.feld@octobus.net> |
|---|---|
| date | Wed, 11 Oct 2017 03:29:09 +0200 |
| parents | 67873ec0f4ce |
| children | f42dec9c976e |
comparison
equal
deleted
inserted
replaced
| 34584:bf2389b1f15e | 34585:f28c85e29afc |
|---|---|
| 67 raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg) | 67 raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg) |
| 68 | 68 |
| 69 # require ssl by default for pushing, auth info cannot be sniffed | 69 # require ssl by default for pushing, auth info cannot be sniffed |
| 70 # and replayed | 70 # and replayed |
| 71 scheme = req.env.get('wsgi.url_scheme') | 71 scheme = req.env.get('wsgi.url_scheme') |
| 72 if hgweb.configbool('web', 'push_ssl', True) and scheme != 'https': | 72 if hgweb.configbool('web', 'push_ssl') and scheme != 'https': |
| 73 raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required') | 73 raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required') |
| 74 | 74 |
| 75 deny = hgweb.configlist('web', 'deny_push') | 75 deny = hgweb.configlist('web', 'deny_push') |
| 76 if deny and (not user or ismember(hgweb.repo.ui, user, deny)): | 76 if deny and (not user or ismember(hgweb.repo.ui, user, deny)): |
| 77 raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized') | 77 raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized') |