[PATCH 3 of 3] Added new remoteopts 'contact' and 'description' for httprepo creation
Martin Vejnár
avakar at ratatanek.cz
Mon Sep 28 04:14:52 CDT 2009
Martin Geisler wrote:
> I don't really know anything about hgweb, so I haven't looked at the
> code. But I think it would be nice if it would support server-side
> clones.
The patch doesn't implement server-side clones, it provides for
localrepo to httprepo cloning. I agree that server-side clones would be
nice, although I think they should be performed through the web
interface, not with the client. It would also be nice if hgweb interface
supported moving and deleting of repos and hgrc editing (making ssh
access completely unnecessary).
> I trust that you have thought about directory-traversal attacks where
> people create a repository called "../../something" and thereby
> escape the "sandbox"?
Well, actually, I haven't. Thank you for the reminder, I've fixed the
problem and will be reposting the patches shortly.
Best regards,
--
Martin
More information about the Mercurial-devel
mailing list