]> git.cameronkatri.com Git - cgit.git/blob - ui-blob.c
ui-blob: set CSP just in case
[cgit.git] / ui-blob.c
1 /* ui-blob.c: show blob content
2 *
3 * Copyright (C) 2006-2014 cgit Development Team <cgit@lists.zx2c4.com>
4 *
5 * Licensed under GNU General Public License v2
6 * (see COPYING for full license text)
7 */
8
9 #include "cgit.h"
10 #include "ui-blob.h"
11 #include "html.h"
12 #include "ui-shared.h"
13
14 struct walk_tree_context {
15 const char *match_path;
16 unsigned char *matched_sha1;
17 unsigned int found_path:1;
18 unsigned int file_only:1;
19 };
20
21 static int walk_tree(const unsigned char *sha1, struct strbuf *base,
22 const char *pathname, unsigned mode, int stage, void *cbdata)
23 {
24 struct walk_tree_context *walk_tree_ctx = cbdata;
25
26 if (walk_tree_ctx->file_only && !S_ISREG(mode))
27 return READ_TREE_RECURSIVE;
28 if (strncmp(base->buf, walk_tree_ctx->match_path, base->len)
29 || strcmp(walk_tree_ctx->match_path + base->len, pathname))
30 return READ_TREE_RECURSIVE;
31 memmove(walk_tree_ctx->matched_sha1, sha1, 20);
32 walk_tree_ctx->found_path = 1;
33 return 0;
34 }
35
36 int cgit_ref_path_exists(const char *path, const char *ref, int file_only)
37 {
38 unsigned char sha1[20];
39 unsigned long size;
40 struct pathspec_item path_items = {
41 .match = path,
42 .len = strlen(path)
43 };
44 struct pathspec paths = {
45 .nr = 1,
46 .items = &path_items
47 };
48 struct walk_tree_context walk_tree_ctx = {
49 .match_path = path,
50 .matched_sha1 = sha1,
51 .found_path = 0,
52 .file_only = file_only
53 };
54
55 if (get_sha1(ref, sha1))
56 return 0;
57 if (sha1_object_info(sha1, &size) != OBJ_COMMIT)
58 return 0;
59 read_tree_recursive(lookup_commit_reference(sha1)->tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx);
60 return walk_tree_ctx.found_path;
61 }
62
63 int cgit_print_file(char *path, const char *head, int file_only)
64 {
65 unsigned char sha1[20];
66 enum object_type type;
67 char *buf;
68 unsigned long size;
69 struct commit *commit;
70 struct pathspec_item path_items = {
71 .match = path,
72 .len = strlen(path)
73 };
74 struct pathspec paths = {
75 .nr = 1,
76 .items = &path_items
77 };
78 struct walk_tree_context walk_tree_ctx = {
79 .match_path = path,
80 .matched_sha1 = sha1,
81 .found_path = 0,
82 .file_only = file_only
83 };
84
85 if (get_sha1(head, sha1))
86 return -1;
87 type = sha1_object_info(sha1, &size);
88 if (type == OBJ_COMMIT) {
89 commit = lookup_commit_reference(sha1);
90 read_tree_recursive(commit->tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx);
91 if (!walk_tree_ctx.found_path)
92 return -1;
93 type = sha1_object_info(sha1, &size);
94 }
95 if (type == OBJ_BAD)
96 return -1;
97 buf = read_sha1_file(sha1, &type, &size);
98 if (!buf)
99 return -1;
100 buf[size] = '\0';
101 html_raw(buf, size);
102 free(buf);
103 return 0;
104 }
105
106 void cgit_print_blob(const char *hex, char *path, const char *head, int file_only)
107 {
108 unsigned char sha1[20];
109 enum object_type type;
110 char *buf;
111 unsigned long size;
112 struct commit *commit;
113 struct pathspec_item path_items = {
114 .match = path,
115 .len = path ? strlen(path) : 0
116 };
117 struct pathspec paths = {
118 .nr = 1,
119 .items = &path_items
120 };
121 struct walk_tree_context walk_tree_ctx = {
122 .match_path = path,
123 .matched_sha1 = sha1,
124 .found_path = 0,
125 .file_only = file_only
126 };
127
128 if (hex) {
129 if (get_sha1_hex(hex, sha1)) {
130 cgit_print_error_page(400, "Bad request",
131 "Bad hex value: %s", hex);
132 return;
133 }
134 } else {
135 if (get_sha1(head, sha1)) {
136 cgit_print_error_page(404, "Not found",
137 "Bad ref: %s", head);
138 return;
139 }
140 }
141
142 type = sha1_object_info(sha1, &size);
143
144 if ((!hex) && type == OBJ_COMMIT && path) {
145 commit = lookup_commit_reference(sha1);
146 read_tree_recursive(commit->tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx);
147 type = sha1_object_info(sha1,&size);
148 }
149
150 if (type == OBJ_BAD) {
151 cgit_print_error_page(404, "Not found",
152 "Bad object name: %s", hex);
153 return;
154 }
155
156 buf = read_sha1_file(sha1, &type, &size);
157 if (!buf) {
158 cgit_print_error_page(500, "Internal server error",
159 "Error reading object %s", hex);
160 return;
161 }
162
163 buf[size] = '\0';
164 if (buffer_is_binary(buf, size))
165 ctx.page.mimetype = "application/octet-stream";
166 else
167 ctx.page.mimetype = "text/plain";
168 ctx.page.filename = path;
169
170 html("X-Content-Type-Options: nosniff\n");
171 html("Content-Security-Policy: default-src 'none'\n");
172 cgit_print_http_headers();
173 html_raw(buf, size);
174 free(buf);
175 }