ui: introduce an experimental dict of exportable environment variables

Care needs to be taken to prevent leaking potentially sensitive environment variables through hgweb, if template support for environment variables is to be introduced. There are a few ideas about the API for preventing accidental leaking [1]. Option 3 seems best from the POV of not needing to configure anything in the normal case. I couldn't figure out how to do that, so guard it with an experimental option for now. [1] https://www.mercurial-scm.org/pipermail/mercurial-devel/2017-January/092383.html
2024-10-07 23:38:50 +03:00 · 2017-01-17 23:05:12 -05:00 · 2017-01-17 23:05:12 -05:00 · 5a63dbb230
commit 5a63dbb230
parent 10cc5b4f2f
1 changed files with 15 additions and 0 deletions
--- a/mercurial/ui.py
+++ b/mercurial/ui.py
@ -147,6 +147,15 @@ class ui(object):

            self.httppasswordmgrdb = urlreq.httppasswordmgrwithdefaultrealm()

+        allowed = self.configlist('experimental', 'exportableenviron')
+        if '*' in allowed:
+            self._exportableenviron = self.environ
+        else:
+            self._exportableenviron = {}
+            for k in allowed:
+                if k in self.environ:
+                    self._exportableenviron[k] = self.environ[k]
+
    @classmethod
    def load(cls):
        """Create a ui and load global and user configs"""
@ -1211,6 +1220,12 @@ class ui(object):
                " update your code.)") % version
        self.develwarn(msg, stacklevel=2, config='deprec-warn')

+    def exportableenviron(self):
+        """The environment variables that are safe to export, e.g. through
+        hgweb.
+        """
+        return self._exportableenviron
+
    @contextlib.contextmanager
    def configoverride(self, overrides, source=""):
        """Context manager for temporary config overrides