diff options
| author | Junio C Hamano <gitster@pobox.com> | 2016-12-19 14:45:31 -0800 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2016-12-19 14:45:32 -0800 |
| commit | 8a2882f23ecce3a8742743555a408e508d4db806 (patch) | |
| tree | 3e543652bc74d5401d6c3858410ad434ae02451a /http.h | |
| parent | 73e494f86239b7edcf44f4c185c997b05c0e763b (diff) | |
| parent | cb4d2d35c4622ec2513c1c352d30ff8f9f9cdb9e (diff) | |
| download | git-8a2882f23ecce3a8742743555a408e508d4db806.tar.gz | |
Merge branch 'jk/http-walker-limit-redirect-2.9'
Transport with dumb http can be fooled into following foreign URLs
that the end user does not intend to, especially with the server
side redirects and http-alternates mechanism, which can lead to
security issues. Tighten the redirection and make it more obvious
to the end user when it happens.
* jk/http-walker-limit-redirect-2.9:
http: treat http-alternates like redirects
http: make redirects more obvious
remote-curl: rename shadowed options variable
http: always update the base URL for redirects
http: simplify update_url_from_redirect
Diffstat (limited to 'http.h')
| -rw-r--r-- | http.h | 10 |
1 files changed, 9 insertions, 1 deletions
@@ -116,6 +116,13 @@ extern struct credential http_auth; extern char curl_errorstr[CURL_ERROR_SIZE]; +enum http_follow_config { + HTTP_FOLLOW_NONE, + HTTP_FOLLOW_ALWAYS, + HTTP_FOLLOW_INITIAL +}; +extern enum http_follow_config http_follow_config; + static inline int missing__target(int code, int result) { return /* file:// URL -- do we ever use one??? */ @@ -139,7 +146,8 @@ extern char *get_remote_object_url(const char *url, const char *hex, /* Options for http_get_*() */ struct http_get_options { unsigned no_cache:1, - keep_error:1; + keep_error:1, + initial_request:1; /* If non-NULL, returns the content-type of the response. */ struct strbuf *content_type; |