[PATCH] hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mézard
pmezard at gmail.com
Mon Aug 1 07:51:17 CDT 2011
Le 31/07/11 23:51, Mads Kiilerich a écrit :
> Patrick Mezard wrote, On 07/31/2011 06:46 PM:
>> # HG changeset patch
>> # User Patrick Mezard<pmezard at gmail.com>
>> # Date 1312024327 -7200
>> # Branch stable
>> # Node ID 552f90214f6f0f8bda5ba0b6e949c119faf4ab32
>> # Parent 56848e2bb0c5a43b580dd2ca7ce1e781d4e75b2b
>> hgweb: do not ignore [auth] if url has a username (issue2822)
>>
>> The [auth] section was ignored when handling URLs like:
>>
>> http://user@example.com/foo
>>
>> Instead, we look in [auth] for an entry matching the URL and supplied user
>> name.
I have resent with the following modifications:
- The username is reparsed in readauthforuri()
- The matching on username is mentioned in hg help config
I still feel something is wrong with readauthforuri() : if there is a username and a password in the URI, we still try to match against the prefix + username only while we should probably immediately return with the (username, password) pair. This case only happens in the HTTPS case, and I do not know why we need it instead of relying on the passwordmgr only.
--
Patrick Mézard
More information about the Mercurial-devel
mailing list