[PATCH] Accept file://localhost/ style urls as local

Christian Ebert blacktrash at gmx.net
Wed Sep 12 06:50:09 CDT 2007 

* Brendan Cully on Saturday, September 08, 2007 at 23:03:28 -0700
> Hrm. I like the general approach, but I'm not sure it does the right
> thing when the hostname isn't local. file://otherhost/foo appears to
> turn into `pwd`/otherhost/foo in this case. We could raise an
> exception here, but it's a little annoying to have to put drop_scheme
> into a try/except block to handle this extremely unlikely error.
> 
> I'm still not convinced this isn't stillborn code.

Another stillborn proposal ;)


# HG changeset patch
# User Christian Ebert <blacktrash at gmx.net>
# Date 1189597334 -7200
# Node ID 97d4b4e5b535d6091a24a6cbfa0c4b99b15a84d0
# Parent  81575b7b505e49dcb5744fc857286c0de3a36dbc
Secure handling of file urls

Accept
file:///path
file:/path
file://localhostname/path

Do not accept
file:path/not/starting/with/slash
file://invalidlocalhostname/path

diff --git a/mercurial/util.py b/mercurial/util.py
--- a/mercurial/util.py
+++ b/mercurial/util.py
@@ -14,7 +14,7 @@ platform-specific details from the core.
 
 from i18n import _
 import cStringIO, errno, getpass, popen2, re, shutil, sys, tempfile, strutil
-import os, stat, threading, time, calendar, ConfigParser, locale, glob
+import os, stat, threading, time, calendar, ConfigParser, locale, glob, socket
 
 try:
     set = set
@@ -1683,12 +1683,30 @@ def bytecount(nbytes):
             return format % (nbytes / float(divisor))
     return units[-1][2] % nbytes
 
+def _localhostnames():
+    hl = []
+    for h in socket.gethostbyaddr(socket.gethostname()):
+        if isinstance(h, str):
+            h = [h]
+        hl += h
+    return hl
+
 def drop_scheme(scheme, path):
     sc = scheme + ':'
     if path.startswith(sc):
         path = path[len(sc):]
+        if scheme == 'file' and not path.startswith('/'):
+            raise Abort(_('invalid file url'))
         if path.startswith('//'):
             path = path[2:]
+            if scheme == 'file' and not path.startswith('/'):
+                if path[:10] in ('localhost/', '127.0.0.1/'):
+                    return path[9:]
+                for h in _localhostnames():
+                    if path.startswith(h + '/'):
+                        return path[len(h):]
+                inv = path.split('/', 1)[0]
+                raise Abort(_('%s: invalid local hostname') % inv)
     return path
 
 def uirepr(s):

More information about the Mercurial-devel mailing list