diff options
| author | Sean McGivern <sean@gitlab.com> | 2016-06-09 11:53:11 +0100 |
|---|---|---|
| committer | Sean McGivern <sean@gitlab.com> | 2016-06-09 11:53:11 +0100 |
| commit | df5fb28a3a7f3bae496805716211eb47936ecc81 (patch) | |
| tree | d22204f6ce577f8be850b73f86f835bb2c610ff1 /config/routes.rb | |
| parent | 13fd88faa3a334e0a9d221c578abde686d45e368 (diff) | |
| download | gitlab-ce-fix-git-http-routing.tar.gz | |
Ensure only IDs ending in .git perform git actionsfix-git-http-routing
It doesn't seem possible to set constraints based on format for project
IDs ending in .git, so set the constraint on the ID and ensure the
format is nil to avoid the case where the project ID is something like
project.git.foo.
Diffstat (limited to 'config/routes.rb')
| -rw-r--r-- | config/routes.rb | 34 |
1 files changed, 17 insertions, 17 deletions
diff --git a/config/routes.rb b/config/routes.rb index 417289829db..4d122549633 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -442,22 +442,6 @@ Rails.application.routes.draw do resources(:projects, constraints: { id: /[a-zA-Z.0-9_\-]+(?<!\.atom)/ }, except: [:new, :create, :index], path: "/") do - # Allow /info/refs, /info/refs?service=git-upload-pack, and - # /info/refs?service=git-receive-pack, but nothing else. - # - git_http_handshake = lambda do |request| - request.query_string.blank? || - request.query_string.match(/\Aservice=git-(upload|receive)-pack\z/) - end - - ref_redirect = redirect do |params, request| - path = "#{params[:namespace_id]}/#{params[:project_id]}.git/info/refs" - path << "?#{request.query_string}" unless request.query_string.blank? - path - end - - get '/info/refs', constraints: git_http_handshake, to: ref_redirect - member do put :transfer delete :remove_fork @@ -472,12 +456,28 @@ Rails.application.routes.draw do scope module: :projects do # Git HTTP clients ('git clone' etc.) - scope constraints: { format: /(git|wiki\.git)/ } do + scope constraints: { id: /.+\.git/, format: nil } do get '/info/refs', to: 'git_http#info_refs' post '/git-upload-pack', to: 'git_http#git_upload_pack' post '/git-receive-pack', to: 'git_http#git_receive_pack' end + # Allow /info/refs, /info/refs?service=git-upload-pack, and + # /info/refs?service=git-receive-pack, but nothing else. + # + git_http_handshake = lambda do |request| + request.query_string.blank? || + request.query_string.match(/\Aservice=git-(upload|receive)-pack\z/) + end + + ref_redirect = redirect do |params, request| + path = "#{params[:namespace_id]}/#{params[:project_id]}.git/info/refs" + path << "?#{request.query_string}" unless request.query_string.blank? + path + end + + get '/info/refs', constraints: git_http_handshake, to: ref_redirect + # Blob routes: get '/new/*id', to: 'blob#new', constraints: { id: /.+/ }, as: 'new_blob' post '/create/*id', to: 'blob#create', constraints: { id: /.+/ }, as: 'create_blob' |