X-Git-Url: https://git.cameronkatri.com/cgit.git/blobdiff_plain/db8b8cb9467625cb8d9ecb67863aa67590e59cc0..fb804a353780633b23a5452b3893fcc9f3705431:/ui-plain.c diff --git a/ui-plain.c b/ui-plain.c index 27c6dae..cfdbf73 100644 --- a/ui-plain.c +++ b/ui-plain.c @@ -1,93 +1,206 @@ /* ui-plain.c: functions for output of plain blobs by path * - * Copyright (C) 2008 Lars Hjemli + * Copyright (C) 2006-2014 cgit Development Team * * Licensed under GNU General Public License v2 * (see COPYING for full license text) */ #include "cgit.h" +#include "ui-plain.h" #include "html.h" #include "ui-shared.h" -char *curr_rev; -char *match_path; -int match; +struct walk_tree_context { + int match_baselen; + int match; +}; -static void print_object(const unsigned char *sha1, const char *path) +static int print_object(const unsigned char *sha1, const char *path) { enum object_type type; - char *buf, *ext; + char *buf, *mimetype; unsigned long size; - struct string_list_item *mime; type = sha1_object_info(sha1, &size); if (type == OBJ_BAD) { - html_status(404, "Not found", 0); - return; + cgit_print_error_page(404, "Not found", "Not found"); + return 0; } buf = read_sha1_file(sha1, &type, &size); if (!buf) { - html_status(404, "Not found", 0); - return; + cgit_print_error_page(404, "Not found", "Not found"); + return 0; } - ctx.page.mimetype = NULL; - ext = strrchr(path, '.'); - if (ext && *(++ext)) { - mime = string_list_lookup(ext, &ctx.cfg.mimetypes); - if (mime) - ctx.page.mimetype = (char *)mime->util; + + mimetype = get_mimetype_for_filename(path); + ctx.page.mimetype = mimetype; + + if (!ctx.repo->enable_html_serving) { + html("X-Content-Type-Options: nosniff\n"); + html("Content-Security-Policy: default-src 'none'\n"); + if (mimetype) { + /* Built-in white list allows PDF and everything that isn't text/ and application/ */ + if ((!strncmp(mimetype, "text/", 5) || !strncmp(mimetype, "application/", 12)) && strcmp(mimetype, "application/pdf")) + ctx.page.mimetype = NULL; + } } + if (!ctx.page.mimetype) { - if (buffer_is_binary(buf, size)) + if (buffer_is_binary(buf, size)) { ctx.page.mimetype = "application/octet-stream"; - else + ctx.page.charset = NULL; + } else { ctx.page.mimetype = "text/plain"; + } } - ctx.page.filename = fmt("%s", path); + ctx.page.filename = path; ctx.page.size = size; ctx.page.etag = sha1_to_hex(sha1); - cgit_print_http_headers(&ctx); + cgit_print_http_headers(); html_raw(buf, size); - match = 1; + free(mimetype); + free(buf); + return 1; +} + +static char *buildpath(const char *base, int baselen, const char *path) +{ + if (path[0]) + return fmtalloc("%.*s%s/", baselen, base, path); + else + return fmtalloc("%.*s/", baselen, base); +} + +static void print_dir(const unsigned char *sha1, const char *base, + int baselen, const char *path) +{ + char *fullpath, *slash; + size_t len; + + fullpath = buildpath(base, baselen, path); + slash = (fullpath[0] == '/' ? "" : "/"); + ctx.page.etag = sha1_to_hex(sha1); + cgit_print_http_headers(); + htmlf("%s", slash); + html_txt(fullpath); + htmlf("\n\n

%s", slash); + html_txt(fullpath); + html("

\n\n\n"); +} + +static int walk_tree(const unsigned char *sha1, struct strbuf *base, + const char *pathname, unsigned mode, int stage, void *cbdata) +{ + struct walk_tree_context *walk_tree_ctx = cbdata; + + if (base->len == walk_tree_ctx->match_baselen) { + if (S_ISREG(mode) || S_ISLNK(mode)) { + if (print_object(sha1, pathname)) + walk_tree_ctx->match = 1; + } else if (S_ISDIR(mode)) { + print_dir(sha1, base->buf, base->len, pathname); + walk_tree_ctx->match = 2; + return READ_TREE_RECURSIVE; + } + } else if (base->len < INT_MAX && (int)base->len > walk_tree_ctx->match_baselen) { + print_dir_entry(sha1, base->buf, base->len, pathname, mode); + walk_tree_ctx->match = 2; + } else if (S_ISDIR(mode)) { return READ_TREE_RECURSIVE; + } - if (S_ISREG(mode)) - print_object(sha1, pathname); + return 0; +} +static int basedir_len(const char *path) +{ + char *p = strrchr(path, '/'); + if (p) + return p - path + 1; return 0; } -void cgit_print_plain(struct cgit_context *ctx) +void cgit_print_plain(void) { - const char *rev = ctx->qry.sha1; - unsigned char sha1[20]; + const char *rev = ctx.qry.sha1; + struct object_id oid; struct commit *commit; - const char *paths[] = {ctx->qry.path, NULL}; + struct pathspec_item path_items = { + .match = ctx.qry.path, + .len = ctx.qry.path ? strlen(ctx.qry.path) : 0 + }; + struct pathspec paths = { + .nr = 1, + .items = &path_items + }; + struct walk_tree_context walk_tree_ctx = { + .match = 0 + }; if (!rev) - rev = ctx->qry.head; + rev = ctx.qry.head; - curr_rev = xstrdup(rev); - if (get_sha1(rev, sha1)) { - html_status(404, "Not found", 0); + if (get_oid(rev, &oid)) { + cgit_print_error_page(404, "Not found", "Not found"); return; } - commit = lookup_commit_reference(sha1); + commit = lookup_commit_reference(&oid); if (!commit || parse_commit(commit)) { - html_status(404, "Not found", 0); + cgit_print_error_page(404, "Not found", "Not found"); return; } - match_path = ctx->qry.path; - read_tree_recursive(commit->tree, NULL, 0, 0, paths, walk_tree, NULL); - if (!match) - html_status(404, "Not found", 0); + if (!path_items.match) { + path_items.match = ""; + walk_tree_ctx.match_baselen = -1; + print_dir(commit->tree->object.oid.hash, "", 0, ""); + walk_tree_ctx.match = 2; + } + else + walk_tree_ctx.match_baselen = basedir_len(path_items.match); + read_tree_recursive(commit->tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); + if (!walk_tree_ctx.match) + cgit_print_error_page(404, "Not found", "Not found"); + else if (walk_tree_ctx.match == 2) + print_dir_tail(); }