routes: disable git push

Anirudh Oppiliappan x@icyphox.sh

Wed, 14 Dec 2022 21:40:01 +0530

commit

f8829d9e14bb3c971eee363ece5d5adebe2f2f56

parent

abe300762f2f01cddeabad1bc98b0dfee599a5e8

1 files changed, 9 insertions(+), 6 deletions(-)

jump to

routes/handler.go

M routes/handler.go → routes/handler.go

@@ -4,7 +4,6 @@ import ( 	"log"
 	"net/http"
 	"path/filepath"
-	"regexp"
 
 	"github.com/alexedwards/flow"
 	"github.com/sosedoff/gitkit"
@@ -16,20 +15,24 @@ actualDeps deps 	gitsvc     *gitkit.Server
 }
 
-// Checks for gitprotocol-http(5) specific query params; if found, passes
+// Checks for gitprotocol-http(5) specific smells; if found, passes
 // the request on to the git http service, else render the web frontend.
 func (dw *depsWrapper) Multiplex(w http.ResponseWriter, r *http.Request) {
 	path := flow.Param(r.Context(), "...")
 	name := flow.Param(r.Context(), "name")
 	name = filepath.Clean(name)
-	gitCommand := regexp.MustCompile(`git-(upload|receive)-pack`)
+
+	if r.URL.RawQuery == "service=git-receive-pack" {
+		w.WriteHeader(http.StatusBadRequest)
+		w.Write([]byte("no pushing allowed!"))
+		return
+	}
 
-	if path == "info/refs" && gitCommand.MatchString(r.URL.RawQuery) && r.Method == "GET" {
+	if path == "info/refs" && r.URL.RawQuery == "service=git-upload-pack" && r.Method == "GET" {
 		dw.gitsvc.ServeHTTP(w, r)
-	} else if gitCommand.MatchString(path) && r.Method == "POST" {
+	} else if path == "git-upload-pack" && r.Method == "POST" {
 		dw.gitsvc.ServeHTTP(w, r)
 	} else if r.Method == "GET" {
-		log.Println("index:", r.URL.String())
 		dw.actualDeps.RepoIndex(w, r)
 	}
 }

all repos — elgit @ f8829d9e14bb3c971eee363ece5d5adebe2f2f56

fork of legit: web frontend for git, written in go