ui-snapshot: filter permitted snapshot requests

Currently the snapshots configuration option only filters which links
are displayed, not which snapshots may be generated and downloaded.
Apply the filter also to requests to ensure that the system policy is
enforced.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>

diff --git a/ui-snapshot.c b/ui-snapshot.c
index b9e2a36f9dd57a475c364437c7de82d487986565..abf83995011075db6668810a8df3da993fc109d5 100644 (file)
--- a/ui-snapshot.c
+++ b/ui-snapshot.c
@@ -194,7 +194,7 @@ void cgit_print_snapshot(const char *head, const char *hex,
        }
 
        f = get_format(filename);
-       if (!f) {
+       if (!f || !(ctx.repo->snapshots & f->bit)) {
                cgit_print_error_page(400, "Bad request",
                                "Unsupported snapshot format: %s", filename);
                return;