Mercurial > kallithea
annotate init.d/celeryd-upstart.conf @ 7552:e74aa69f6827 stable
lib: sanitize HTML for all types of README rendering, not only markdown
The repository summary page will display a rendered version of the
repository 'readme' based on its file extension. In commit 5746cc3b3fa5,
the rendered output was already sanitized when the input was markdown.
However, also readmes written in other formats, like ReStructuredText (RST)
or plain text could have content that we want sanitized.
Therefore, move the sanitizing one level up so it covers all renderers, for
now and the future.
This fixes an XSS issue when a repository readme contains javascript code,
which would be executed when the repository summary page is visited by a
user.
Reported by Bob Hogg <wombat@rwhogg.site> (thanks!).
author | Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> |
---|---|
date | Sat, 26 Jan 2019 20:27:50 +0100 |
parents | 24c0d584ba86 |
children | e285bb7abb28 |
rev | line source |
---|---|
4190
99ad9d0af1a3
Rename init scripts and fix references inside them
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
1811
diff
changeset
|
1 # celeryd - run the celeryd daemon as an upstart job for kallithea |
1811
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
2 # Change variables/paths as necessary and place file /etc/init/celeryd.conf |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
3 # start/stop/restart as normal upstart job (ie: $ start celeryd) |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
4 |
4212
24c0d584ba86
General renaming to Kallithea
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
4190
diff
changeset
|
5 description "Celery for Kallithea Mercurial Server" |
1811
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
6 author "Matt Zuba <matt.zuba@goodwillaz.org" |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
7 |
4190
99ad9d0af1a3
Rename init scripts and fix references inside them
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
1811
diff
changeset
|
8 start on starting kallithea |
99ad9d0af1a3
Rename init scripts and fix references inside them
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
1811
diff
changeset
|
9 stop on stopped kallithea |
1811
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
10 |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
11 respawn |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
12 |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
13 umask 0022 |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
14 |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
15 env PIDFILE=/tmp/celeryd.pid |
4190
99ad9d0af1a3
Rename init scripts and fix references inside them
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
1811
diff
changeset
|
16 env APPINI=/var/hg/kallithea/production.ini |
1811
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
17 env HOME=/var/hg |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
18 env USER=hg |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
19 # To use group (if different from user), you must edit sudoers file and change |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
20 # root's entry from (ALL) to (ALL:ALL) |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
21 # env GROUP=hg |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
22 |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
23 script |
4190
99ad9d0af1a3
Rename init scripts and fix references inside them
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
1811
diff
changeset
|
24 COMMAND="/var/hg/.virtualenvs/kallithea/bin/paster celeryd $APPINI --pidfile=$PIDFILE" |
1811
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
25 if [ -z "$GROUP" ]; then |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
26 exec sudo -u $USER $COMMAND |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
27 else |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
28 exec sudo -u $USER -g $GROUP $COMMAND |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
29 fi |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
30 end script |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
31 |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
32 post-stop script |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
33 rm -f $PIDFILE |
58df0b3ed377
Add Celery upstart file and fix post-stop for rhodecode upstart
Matt Zuba <matt.zuba@goodwillaz.org>
parents:
diff
changeset
|
34 end script |