From: Jan Engelhardt <jengelh@inai.de>
To: git@vger.kernel.org
Subject: [PATCH] http-backend: give a hint that web browser access is not supported
Date: Thu, 2 Dec 2021 01:39:00 +0100 [thread overview]
Message-ID: <20211202003900.26124-1-jengelh@inai.de> (raw)
When using a browser to access a URI that is served by http-backend,
nothing but a blank page is shown. This is not helpful.
Emit the same "Request not handled" messages, but to the CGI stream
at stdout. Use the HTTP REQUEST_URI for this so that filesystem paths
are not revealed more than necessary. Add a paragraph that browsing
to http-backend URIs is not something that should normally be done.
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
---
Previously botched the commit message. not_found is not very nice
to extend; one can but make a new function.
http-backend.c | 36 +++++++++++++++++++++++++++-----
t/t5561-http-backend.sh | 46 ++++++++++++++++++++---------------------
2 files changed, 54 insertions(+), 28 deletions(-)
diff --git http-backend.c http-backend.c
index 3d6e2ff17f..f7858e9c49 100644
--- http-backend.c
+++ http-backend.c
@@ -139,6 +139,25 @@ static NORETURN void not_found(struct strbuf *hdr, const char *err, ...)
exit(0);
}
+static NORETURN void not_found_2(struct strbuf *hdr, const char *dir,
+ const char *pathinfo, const char *err,
+ const char *hint)
+{
+ http_status(hdr, 404, "Not Found");
+ hdr_nocache(hdr);
+ strbuf_add(hdr, "\r\n", 2);
+ if (pathinfo != NULL)
+ strbuf_addf(hdr, "%s: ", pathinfo);
+ strbuf_addf(hdr, "%s.\r\n", err);
+ if (hint != NULL)
+ strbuf_addf(hdr, "%s\r\n", hint);
+ end_headers(hdr);
+
+ if (err && *err)
+ fprintf(stderr, "%s: %s\n", dir, err);
+ exit(0);
+}
+
__attribute__((format (printf, 2, 3)))
static NORETURN void forbidden(struct strbuf *hdr, const char *err, ...)
{
@@ -736,7 +755,8 @@ static int bad_request(struct strbuf *hdr, const struct service_cmd *c)
int cmd_main(int argc, const char **argv)
{
- char *method = getenv("REQUEST_METHOD");
+ const char *method = getenv("REQUEST_METHOD");
+ const char *pathinfo = getenv("PATH_INFO");
const char *proto_header;
char *dir;
struct service_cmd *cmd = NULL;
@@ -775,15 +795,21 @@ int cmd_main(int argc, const char **argv)
regfree(&re);
}
- if (!cmd)
- not_found(&hdr, "Request not supported: '%s'", dir);
+ if (!cmd) {
+ const char *hint = "";
+ if (strcmp(method, "GET") == 0)
+ hint = "You cannot use a web browser to access "
+ "this URL. Only git operations like "
+ "clone/ls-remote/etc. will work.\n";
+ not_found_2(&hdr, dir, pathinfo, "Request not supported", hint);
+ }
setup_path();
if (!enter_repo(dir, 0))
- not_found(&hdr, "Not a git repository: '%s'", dir);
+ not_found_2(&hdr, dir, pathinfo, "Not a git repository", NULL);
if (!getenv("GIT_HTTP_EXPORT_ALL") &&
access("git-daemon-export-ok", F_OK) )
- not_found(&hdr, "Repository not exported: '%s'", dir);
+ not_found_2(&hdr, dir, pathinfo, "Repository not exported", NULL);
http_config();
max_request_buffer = git_env_ulong("GIT_HTTP_MAX_REQUEST_BUFFER",
diff --git t/t5561-http-backend.sh t/t5561-http-backend.sh
index 9c57d84315..d8add36fb4 100755
--- t/t5561-http-backend.sh
+++ t/t5561-http-backend.sh
@@ -44,7 +44,7 @@ grep '^[^#]' >exp <<EOF
### refs/heads/main
###
-GET /smart/repo.git/refs/heads/main HTTP/1.1 404 -
+GET /smart/repo.git/refs/heads/main HTTP/1.1 404
### getanyfile default
###
@@ -59,14 +59,14 @@ GET /smart/repo.git/$IDX_URL HTTP/1.1 200
### no git-daemon-export-ok
###
-GET /smart_noexport/repo.git/HEAD HTTP/1.1 404 -
-GET /smart_noexport/repo.git/info/refs HTTP/1.1 404 -
-GET /smart_noexport/repo.git/objects/info/packs HTTP/1.1 404 -
-GET /smart_noexport/repo.git/objects/info/alternates HTTP/1.1 404 -
-GET /smart_noexport/repo.git/objects/info/http-alternates HTTP/1.1 404 -
-GET /smart_noexport/repo.git/$LOOSE_URL HTTP/1.1 404 -
-GET /smart_noexport/repo.git/$PACK_URL HTTP/1.1 404 -
-GET /smart_noexport/repo.git/$IDX_URL HTTP/1.1 404 -
+GET /smart_noexport/repo.git/HEAD HTTP/1.1 404
+GET /smart_noexport/repo.git/info/refs HTTP/1.1 404
+GET /smart_noexport/repo.git/objects/info/packs HTTP/1.1 404
+GET /smart_noexport/repo.git/objects/info/alternates HTTP/1.1 404
+GET /smart_noexport/repo.git/objects/info/http-alternates HTTP/1.1 404
+GET /smart_noexport/repo.git/$LOOSE_URL HTTP/1.1 404
+GET /smart_noexport/repo.git/$PACK_URL HTTP/1.1 404
+GET /smart_noexport/repo.git/$IDX_URL HTTP/1.1 404
### git-daemon-export-ok
###
@@ -92,14 +92,14 @@ GET /smart/repo.git/$IDX_URL HTTP/1.1 200
### getanyfile false
###
-GET /smart/repo.git/HEAD HTTP/1.1 403 -
-GET /smart/repo.git/info/refs HTTP/1.1 403 -
-GET /smart/repo.git/objects/info/packs HTTP/1.1 403 -
-GET /smart/repo.git/objects/info/alternates HTTP/1.1 403 -
-GET /smart/repo.git/objects/info/http-alternates HTTP/1.1 403 -
-GET /smart/repo.git/$LOOSE_URL HTTP/1.1 403 -
-GET /smart/repo.git/$PACK_URL HTTP/1.1 403 -
-GET /smart/repo.git/$IDX_URL HTTP/1.1 403 -
+GET /smart/repo.git/HEAD HTTP/1.1 403
+GET /smart/repo.git/info/refs HTTP/1.1 403
+GET /smart/repo.git/objects/info/packs HTTP/1.1 403
+GET /smart/repo.git/objects/info/alternates HTTP/1.1 403
+GET /smart/repo.git/objects/info/http-alternates HTTP/1.1 403
+GET /smart/repo.git/$LOOSE_URL HTTP/1.1 403
+GET /smart/repo.git/$PACK_URL HTTP/1.1 403
+GET /smart/repo.git/$IDX_URL HTTP/1.1 403
### uploadpack default
###
@@ -113,13 +113,13 @@ POST /smart/repo.git/git-upload-pack HTTP/1.1 200 -
### uploadpack false
###
-GET /smart/repo.git/info/refs?service=git-upload-pack HTTP/1.1 403 -
-POST /smart/repo.git/git-upload-pack HTTP/1.1 403 -
+GET /smart/repo.git/info/refs?service=git-upload-pack HTTP/1.1 403
+POST /smart/repo.git/git-upload-pack HTTP/1.1 403
### receivepack default
###
-GET /smart/repo.git/info/refs?service=git-receive-pack HTTP/1.1 403 -
-POST /smart/repo.git/git-receive-pack HTTP/1.1 403 -
+GET /smart/repo.git/info/refs?service=git-receive-pack HTTP/1.1 403
+POST /smart/repo.git/git-receive-pack HTTP/1.1 403
### receivepack true
###
@@ -128,8 +128,8 @@ POST /smart/repo.git/git-receive-pack HTTP/1.1 200 -
### receivepack false
###
-GET /smart/repo.git/info/refs?service=git-receive-pack HTTP/1.1 403 -
-POST /smart/repo.git/git-receive-pack HTTP/1.1 403 -
+GET /smart/repo.git/info/refs?service=git-receive-pack HTTP/1.1 403
+POST /smart/repo.git/git-receive-pack HTTP/1.1 403
EOF
test_expect_success 'server request log matches test results' '
check_access_log exp
--
2.34.0
next reply other threads:[~2021-12-02 0:39 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-02 0:39 Jan Engelhardt [this message]
2021-12-02 7:38 ` [PATCH] http-backend: give a hint that web browser access is not supported Junio C Hamano
2021-12-02 10:27 ` RFE: Split diff.noprefix for git-diff and git-format-patch (was: http-backend: give a hint that web browser access is not supported) Jan Engelhardt
2021-12-02 17:20 ` RFE: Split diff.noprefix for git-diff and git-format-patch Junio C Hamano
2021-12-02 10:28 ` [PATCH] http-backend: give a hint that web browser access is not supported Jan Engelhardt
2021-12-04 8:09 ` Junio C Hamano
2021-12-04 11:09 ` Jan Engelhardt
2021-12-05 1:17 ` Junio C Hamano
2021-12-05 10:13 ` Jan Engelhardt
2021-12-05 20:13 ` Junio C Hamano
2021-12-05 23:07 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211202003900.26124-1-jengelh@inai.de \
--to=jengelh@inai.de \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).