[PATCH 2 of 4 V2] clone: use the HTTP 301 location to record the default path

Matt Harbison mharbison72 at gmail.com
Mon Feb 20 20:29:46 EST 2017


On Mon, 20 Feb 2017 09:33:05 -0500, Yuya Nishihara <yuya at tcha.org> wrote:

> On Thu, 16 Feb 2017 16:41:09 -0500, Matt Harbison wrote:
>> # HG changeset patch
>> # User Matt Harbison <matt_harbison at yahoo.com>
>> # Date 1487087965 18000
>> #      Tue Feb 14 10:59:25 2017 -0500
>> # Node ID 27a4bc77e8b8e50abc76c387f117082e5853c47e
>> # Parent  4f2862487d789edc1f36b5687d828a2914e1dc32
>> clone: use the HTTP 301 location to record the default path
>
>> @@ -230,6 +230,16 @@
>>          if self._url.rstrip('/') != resp_url.rstrip('/'):
>>              if not self.ui.quiet:
>>                  self.ui.warn(_('real URL is %s\n') % resp_url)
>> +            if resp.status == httplib.MOVED_PERMANENTLY:
>> +                u = util.url(resp_url.rstrip('/'))
>> +
>> +                # The path has auth info on creation.  Restore that  
>> here.
>> +                creds = self._authinfo
>> +                if creds:
>> +                    u.user = creds[2]
>> +                    u.passwd = creds[3] or None
>> +                self.path = str(u)
>
> I didn't carefully review this patch, but is it safe to reuse the  
> credential
> for redirected server?

Hmmm.. Maybe not.  At least for the clone path, it isn't even necessary,  
because the password is removed before writing out the hgrc file.  I  
didn't see that until after I added this, and then forgot to remove it.   
The username is stored in the hgrc file though.

It looks like url.passwordmgr stores the username/password, but I don't  
have a handy setup that will password prompt and redirect to see if that  
info can easily be obtained here.  I have no problem with dropping the 'if  
creds' (and related changes not shown here) bits.


More information about the Mercurial-devel mailing list