about summary refs log tree commit diff
diff options
context:
space:
mode:
authorJohn Keeping <john@keeping.me.uk>2018-03-31 15:19:52 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2018-06-27 18:11:19 +0200
commit00ad47bbfaf7cc5c372e072a5302e871b5250390 (patch)
treeac2e435498cd75ebe6e50ac1b05c102c884cce8f
parentAdd "snapshot-prefix" repo configuration (diff)
downloadcgit-pink-00ad47bbfaf7cc5c372e072a5302e871b5250390.tar.gz
cgit-pink-00ad47bbfaf7cc5c372e072a5302e871b5250390.zip
ui-snapshot: filter permitted snapshot requests
Currently the snapshots configuration option only filters which links
are displayed, not which snapshots may be generated and downloaded.
Apply the filter also to requests to ensure that the system policy is
enforced.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
-rw-r--r--ui-snapshot.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/ui-snapshot.c b/ui-snapshot.c
index b9e2a36..abf8399 100644
--- a/ui-snapshot.c
+++ b/ui-snapshot.c
@@ -194,7 +194,7 @@ void cgit_print_snapshot(const char *head, const char *hex,
 	}
 
 	f = get_format(filename);
-	if (!f) {
+	if (!f || !(ctx.repo->snapshots & f->bit)) {
 		cgit_print_error_page(400, "Bad request",
 				"Unsupported snapshot format: %s", filename);
 		return;