mirror of
https://github.com/facebook/sapling.git
synced 2024-10-06 23:07:18 +03:00
url: limit expansion to safe auth keys (Issue2328)
Mads Kiilerich pointed out that 1e4ade283b02 was too eager since the prefix and password keys may contain $-signs. So this only add the username to the list of keys that are expanded. This also updates the documentation to match.
This commit is contained in:
parent
74902a4df9
commit
db0d34b21b
@ -232,16 +232,19 @@ Supported arguments:
|
||||
argument, q.v., is then subsequently consulted.
|
||||
``username``
|
||||
Optional. Username to authenticate with. If not given, and the
|
||||
remote site requires basic or digest authentication, the user
|
||||
will be prompted for it.
|
||||
remote site requires basic or digest authentication, the user will
|
||||
be prompted for it. Environment variables are expanded in the
|
||||
username letting you do ``foo.username = $USER``.
|
||||
``password``
|
||||
Optional. Password to authenticate with. If not given, and the
|
||||
remote site requires basic or digest authentication, the user
|
||||
will be prompted for it.
|
||||
``key``
|
||||
Optional. PEM encoded client certificate key file.
|
||||
Optional. PEM encoded client certificate key file. Environment
|
||||
variables are expanded in the filename.
|
||||
``cert``
|
||||
Optional. PEM encoded client certificate chain file.
|
||||
Optional. PEM encoded client certificate chain file. Environment
|
||||
variables are expanded in the filename.
|
||||
``schemes``
|
||||
Optional. Space separated list of URI schemes to use this
|
||||
authentication entry with. Only used if the prefix doesn't include
|
||||
|
@ -156,7 +156,8 @@ class passwordmgr(urllib2.HTTPPasswordMgrWithDefaultRealm):
|
||||
continue
|
||||
group, setting = key.split('.', 1)
|
||||
gdict = config.setdefault(group, dict())
|
||||
val = util.expandpath(val)
|
||||
if setting in ('username', 'cert', 'key'):
|
||||
val = util.expandpath(val)
|
||||
gdict[setting] = val
|
||||
|
||||
# Find the best match
|
||||
|
Loading…
Reference in New Issue
Block a user