ui-snapshot: filter permitted snapshot requests
Currently the snapshots configuration option only filters which links are displayed, not which snapshots may be generated and downloaded. Apply the filter also to requests to ensure that the system policy is enforced. Signed-off-by: John Keeping <john@keeping.me.uk> Reviewed-by: Christian Hesse <mail@eworm.de>
This commit is contained in:
vanhempi
c1572bb5ec
commit
00ad47bbfa
@ -194,7 +194,7 @@ void cgit_print_snapshot(const char *head, const char *hex,
|
||||
}
|
||||
|
||||
f = get_format(filename);
|
||||
if (!f) {
|
||||
if (!f || !(ctx.repo->snapshots & f->bit)) {
|
||||
cgit_print_error_page(400, "Bad request",
|
||||
"Unsupported snapshot format: %s", filename);
|
||||
return;
|
||||
|
Ladataan…
Viittaa uudesa ongelmassa
Block a user