view .hgignore @ 5523:38d1c99cd000 stable

login: enhance came_from validation

Drop urlparse and just validate that came_from is an RFC 3986 compliant path.

This blocks an HTTP header injection vulnerability discovered by Gjoko Krstic <gjoko@zeroscience.mk> of Zero Science Lab (CVE-2015-5285).
author Søren Løvborg <sorenl@unity3d.com>
date Wed, 23 Sep 2015 16:09:14 +0200
parents bfa66e8887d7
children 9358211ee144

syntax: glob
*.pyc
*.swp
*.sqlite
*.tox
*.egg-info
*.egg
*.mo
.eggs/
tarballcache/

syntax: regexp
^rcextensions
^build
^dist/
^docs/build/
^docs/_build/
^data$
^kallithea/tests/data$
^sql_dumps/
^\.settings$
^\.project$
^\.pydevproject$
^\.coverage$
^kallithea\.db$
^test\.db$
^Kallithea\.egg-info$
^my\.ini$
^fabfile.py
^\.idea$
^\.cache$