cgit with patches for sandboxing using qssb
Go to file
John Keeping 9d751e7eec parsing: don't clear existing state with empty input
Since commit c699866 (parsing: clear query path before starting,
2017-02-19), we clear the "page" variable simply by calling
cgit_parse_url() even if the URL is empty.  This breaks a URL like:

	.../cgit?p=about

which is generated when using the "root-readme" configuration option.

This happens because "page" is set to "about" when parsing the query
string before we handle the path (which is empty, but non-null).

It turns out that this is not the only case which is broken, but
specifying repository and page via query options has been broken since
before the commit mentioned above, for example:

	.../cgit?r=git&p=log

Fix both of these by allowing the previous state to persist if PATH_INFO
is empty, falling back to the query parameters if no path has been
requested.

Reported-by: Tom Ryder <tom@sanctum.geek.nz>
Signed-off-by: John Keeping <john@keeping.me.uk>
2017-10-14 14:31:18 +02:00
contrib/hooks contrib/hooks: add sample post-receive hook using agefile 2015-08-12 14:06:36 +02:00
filters syntax-highlighting: replace invalid unicode with ? 2017-01-22 12:44:44 +01:00
git@4384e3cde2 git: update to v2.14 2017-08-10 15:58:24 +02:00
tests tests: allow shell to be overridden 2015-08-13 15:36:18 +02:00
.gitignore tests/.gitignore: update for using Git's test infrastructure 2013-04-08 22:27:53 +02:00
.gitmodules Use https for submodule 2017-09-22 00:52:57 +02:00
.mailmap Update .mailmap with my new email address 2017-07-27 16:20:44 +02:00
AUTHORS authors: specify maintainers 2014-01-14 02:00:07 +01:00
cache.c cache: flush stdio before restoring FDs 2017-10-03 19:19:34 +01:00
cache.h Switch to exclusively using global ctx 2014-01-17 00:44:54 +01:00
cgit-doc.css Add cgit-doc.css 2009-02-12 10:24:25 +01:00
cgit.c ui-blame: add blame UI 2017-10-03 19:19:34 +01:00
cgit.css ui-blame: add blame UI 2017-10-03 19:19:34 +01:00
cgit.h ui-blame: add blame UI 2017-10-03 19:19:34 +01:00
cgit.mk ui-blame: add blame UI 2017-10-03 19:19:34 +01:00
cgit.png shrink cgit.png file size 2015-02-15 22:06:24 +01:00
cgitrc.5.txt ui-blame: add blame UI 2017-10-03 19:19:34 +01:00
cmd.c ui-blame: add blame UI 2017-10-03 19:19:34 +01:00
cmd.h cmd: no need for pre function hook now 2015-08-14 15:54:32 +02:00
configfile.c configfile: fix EOF handling 2016-10-01 11:43:33 +01:00
configfile.h Use strbuf for reading configuration files 2013-08-12 13:14:10 -06:00
COPYING Add license file and copyright notices 2006-12-10 22:41:14 +01:00
favicon.ico Add favicon 2013-05-31 02:52:24 +02:00
filter.c filter: don't use dlsym unnecessarily 2015-08-13 15:39:06 +02:00
gen-version.sh gen-version.sh: check if git is available before trying to call it 2014-02-05 15:09:15 +01:00
html.c html: html_ntxt with no ellipsis 2017-10-03 19:19:34 +01:00
html.h html: html_ntxt with no ellipsis 2017-10-03 19:19:34 +01:00
Makefile git: update to v2.14 2017-08-10 15:58:24 +02:00
parsing.c parsing: don't clear existing state with empty input 2017-10-14 14:31:18 +02:00
README Hosted on HTTPS now 2016-06-07 14:49:35 +02:00
robots.txt robots.txt: disallow access to snapshots 2013-08-12 13:14:10 -06:00
scan-tree.c git: update to v2.14 2017-08-10 15:58:24 +02:00
scan-tree.h Add support for 'project-list' option 2010-08-04 03:09:32 +02:00
shared.c git: update to v2.14 2017-08-10 15:58:24 +02:00
ui-atom.c ui-atom: properly escape delimiter in page link 2017-08-10 15:58:24 +02:00
ui-atom.h Add atom-support 2008-08-01 22:12:34 +02:00
ui-blame.c ui-blame: add blame UI 2017-10-03 19:19:34 +01:00
ui-blame.h ui-blame: add blame UI 2017-10-03 19:19:34 +01:00
ui-blob.c git: update to v2.14 2017-08-10 15:58:24 +02:00
ui-blob.h readme: use string_list instead of space deliminations 2013-05-26 16:30:03 +02:00
ui-clone.c git: update to v2.14 2017-08-10 15:58:24 +02:00
ui-clone.h Switch to exclusively using global ctx 2014-01-17 00:44:54 +01:00
ui-commit.c git: update to v2.14 2017-08-10 15:58:24 +02:00
ui-commit.h ui-commit: Limit diff based on path limit in qry.path 2010-06-19 10:40:23 +02:00
ui-diff.c git: update to v2.14 2017-08-10 15:58:24 +02:00
ui-diff.h git: update to v2.10.0 2016-09-04 12:38:18 +02:00
ui-log.c git: update to v2.14 2017-08-10 15:58:24 +02:00
ui-log.h ui-log: Add "commit-sort" option for controlling commit ordering 2012-10-17 16:30:29 +02:00
ui-patch.c cache: flush stdio before restoring FDs 2017-10-03 19:19:34 +01:00
ui-patch.h ui-patch: Rename variables 2013-08-20 19:55:54 +02:00
ui-plain.c ui-plain: print symlink content 2017-08-10 16:05:07 +02:00
ui-plain.h Switch to exclusively using global ctx 2014-01-17 00:44:54 +01:00
ui-refs.c Avoid ambiguities when prettifying snapshot names 2016-07-05 16:14:40 +02:00
ui-refs.h Fix missing prototype declarations 2016-01-14 14:02:29 +01:00
ui-repolist.c html: html_ntxt with no ellipsis 2017-10-03 19:19:34 +01:00
ui-repolist.h Fix missing prototype declarations 2016-01-14 14:02:29 +01:00
ui-shared.c ui-tree: link to blame UI if enabled 2017-10-03 19:19:34 +01:00
ui-shared.h ui-tree: link to blame UI if enabled 2017-10-03 19:19:34 +01:00
ui-snapshot.c git: update to v2.14 2017-08-10 15:58:24 +02:00
ui-snapshot.h Remove unused parameter from cgit_print_snapshot() 2014-02-21 18:19:00 +01:00
ui-ssdiff.c ui-ssdiff: fix decl-after-statement warnings 2016-10-01 11:43:45 +01:00
ui-ssdiff.h Fix missing prototype declarations 2016-01-14 14:02:29 +01:00
ui-stats.c forms: action should not be empty 2016-05-12 21:29:49 +02:00
ui-stats.h ui-stats: make cgit_period definitions 'static const' 2015-03-09 17:40:02 +01:00
ui-summary.c ui-summary: send images plain for about page 2015-08-17 14:42:58 +02:00
ui-summary.h Fix missing prototype declarations 2016-01-14 14:02:29 +01:00
ui-tag.c git: update to v2.14 2017-08-10 15:58:24 +02:00
ui-tag.h Add separate header-files for each page/view 2008-03-24 16:38:47 +01:00
ui-tree.c ui-tree: link to blame UI if enabled 2017-10-03 19:19:34 +01:00
ui-tree.h Add separate header-files for each page/view 2008-03-24 16:38:47 +01:00

cgit - CGI for Git
==================

This is an attempt to create a fast web interface for the Git SCM, using a
built-in cache to decrease server I/O pressure.

Installation
------------

Building cgit involves building a proper version of Git. How to do this
depends on how you obtained the cgit sources:

a) If you're working in a cloned cgit repository, you first need to
initialize and update the Git submodule:

    $ git submodule init     # register the Git submodule in .git/config
    $ $EDITOR .git/config    # if you want to specify a different url for git
    $ git submodule update   # clone/fetch and checkout correct git version

b) If you're building from a cgit tarball, you can download a proper git
version like this:

    $ make get-git

When either a) or b) has been performed, you can build and install cgit like
this:

    $ make
    $ sudo make install

This will install `cgit.cgi` and `cgit.css` into `/var/www/htdocs/cgit`. You
can configure this location (and a few other things) by providing a `cgit.conf`
file (see the Makefile for details).

If you'd like to compile without Lua support, you may use:

    $ make NO_LUA=1

And if you'd like to specify a Lua implementation, you may use:

    $ make LUA_PKGCONFIG=lua5.1

If this is not specified, the Lua implementation will be auto-detected,
preferring LuaJIT if many are present. Acceptable values are generally "lua",
"luajit", "lua5.1", and "lua5.2".


Dependencies
------------

* libzip
* libcrypto (OpenSSL)
* libssl (OpenSSL)
* optional: luajit or lua, most reliably used when pkg-config is available

Apache configuration
--------------------

A new `Directory` section must probably be added for cgit, possibly something
like this:

    <Directory "/var/www/htdocs/cgit/">
        AllowOverride None
        Options +ExecCGI
        Order allow,deny
        Allow from all
    </Directory>


Runtime configuration
---------------------

The file `/etc/cgitrc` is read by cgit before handling a request. In addition
to runtime parameters, this file may also contain a list of repositories
displayed by cgit (see `cgitrc.5.txt` for further details).

The cache
---------

When cgit is invoked it looks for a cache file matching the request and
returns it to the client. If no such cache file exists (or if it has expired),
the content for the request is written into the proper cache file before the
file is returned.

If the cache file has expired but cgit is unable to obtain a lock for it, the
stale cache file is returned to the client. This is done to favour page
throughput over page freshness.

The generated content contains the complete response to the client, including
the HTTP headers `Modified` and `Expires`.

Online presence
---------------

* The cgit homepage is hosted by cgit at <https://git.zx2c4.com/cgit/about/>

* Patches, bug reports, discussions and support should go to the cgit
  mailing list: <cgit@lists.zx2c4.com>. To sign up, visit
  <https://lists.zx2c4.com/mailman/listinfo/cgit>