Finish issue #510 ("Block the expensive display of binary files").
Add a new configuration option 'binary_mime_types' which accepts a comma-delimited list of MIME content type patterns ('text/plain', or 'image/*', etc.) against which versioned file MIME types are compared for the purposes of deciding whether to allow their display in the 'markup', 'annotate', 'diff' and 'patch' views. * conf/viewvc.conf.dist (binary_mime_types): Describe new option. * lib/config.py (_force_multi_value): Add 'binary_file_types' to the list of multi-value options. (Config.set_defaults): Initialize cfg.options.binary_mime_types. * lib/viewvc.py (is_binary_file_mime_type): New function. (get_file_view_info): Use is_binary_file_mime_type() to determine whether to return links to content-ful views of the input file. (markup_or_annotate, view_diff): Use is_binary_file_mime_type() to deny display of so-deemed binary files. git-svn-id: http://viewvc.tigris.org/svn/viewvc/trunk@2784 8cb11bc2-c004-0410-86c3-e597b4017df7trunk
parent
adfa50c9b4
commit
00feefc3dc
|
@ -383,6 +383,24 @@
|
|||
##
|
||||
#allowed_views = annotate, diff, markup, roots
|
||||
|
||||
## Comma-delimited list of MIME content types (with support for fnmatch-
|
||||
## style glob characters) which are considered not-human-readable and for
|
||||
## which ViewVC will neither generate links to, nor support the direct
|
||||
## display of, non-checkout views which carry the file's content (the
|
||||
## 'markup', 'annotate', 'diff', and 'patch' views).
|
||||
##
|
||||
## NOTE: Handling of this option is given priority over ViewVC's
|
||||
## longstanding support for showing web-friendly file formats -- even
|
||||
## binary ones such as "image/jpeg" and "image/gif" -- in the 'markup'
|
||||
## view. Thus, if you add "image/*" to this list, 'markup'-view
|
||||
## display of JPEG, GIF, and PNG images will be disabled.
|
||||
##
|
||||
## Example:
|
||||
## binary_mime_types = application/octet-stream, image/*, application/pdf,
|
||||
## application/vnd*, application/msword, audio/*
|
||||
#
|
||||
#binary_mime_types =
|
||||
|
||||
## authorizer: The name of the ViewVC authorizer plugin to use when
|
||||
## authorizing access to repository contents. This value must be the
|
||||
## name of a Python module addressable as vcauth.MODULENAME (most
|
||||
|
|
|
@ -111,6 +111,7 @@ class Config:
|
|||
_force_multi_value = (
|
||||
# Configuration values with multiple, comma-separated values.
|
||||
'allowed_views',
|
||||
'binary_mime_types',
|
||||
'custom_log_formatting',
|
||||
'cvs_roots',
|
||||
'kv_files',
|
||||
|
@ -399,6 +400,7 @@ class Config:
|
|||
self.options.mangle_email_addresses = 0
|
||||
self.options.custom_log_formatting = []
|
||||
self.options.default_file_view = "log"
|
||||
self.options.binary_mime_types = []
|
||||
self.options.http_expiration_time = 600
|
||||
self.options.generate_etags = 1
|
||||
self.options.svn_ignore_mimetype = 0
|
||||
|
|
|
@ -26,6 +26,7 @@ import sys
|
|||
import os
|
||||
import calendar
|
||||
import copy
|
||||
import fnmatch
|
||||
import gzip
|
||||
import mimetypes
|
||||
import re
|
||||
|
@ -1023,6 +1024,15 @@ def default_view(mime_type, cfg):
|
|||
return view_markup
|
||||
return view_checkout
|
||||
|
||||
def is_binary_file_mime_type(mime_type, cfg):
|
||||
"""Return True iff MIME_TYPE is set and matches one of the binary
|
||||
file mime type patterns in CFG."""
|
||||
if mime_type:
|
||||
for pattern in cfg.options.binary_mime_types:
|
||||
if fnmatch.fnmatch(mime_type, pattern):
|
||||
return True
|
||||
return False
|
||||
|
||||
def get_file_view_info(request, where, rev=None, mime_type=None, pathrev=-1):
|
||||
"""Return an object holding common hrefs and a viewability flag used
|
||||
for various views of FILENAME at revision REV whose MIME type is
|
||||
|
@ -1083,7 +1093,12 @@ def get_file_view_info(request, where, rev=None, mime_type=None, pathrev=-1):
|
|||
params={'revision': rev},
|
||||
escape=1)
|
||||
|
||||
prefer_markup = default_view(mime_type, request.cfg) == view_markup
|
||||
is_binary_file = is_binary_file_mime_type(mime_type, request.cfg)
|
||||
if is_binary_file:
|
||||
download_text_href = annotate_href = view_href = None
|
||||
prefer_markup = False
|
||||
else:
|
||||
prefer_markup = default_view(mime_type, request.cfg) == view_markup
|
||||
|
||||
return _item(view_href=view_href,
|
||||
download_href=download_href,
|
||||
|
@ -1839,6 +1854,11 @@ def markup_or_annotate(request, is_annotate):
|
|||
revision = None
|
||||
mime_type, encoding = calculate_mime_type(request, path, rev)
|
||||
|
||||
# Is this display blocked by 'binary_mime_types' configuration?
|
||||
if is_binary_file_mime_type(mime_type, cfg):
|
||||
raise debug.ViewVCException('Display of binary file content disabled '
|
||||
'by configuration', '403 Forbidden')
|
||||
|
||||
# Is this a viewable image type?
|
||||
if is_viewable_image(mime_type) \
|
||||
and 'co' in cfg.options.allowed_views:
|
||||
|
@ -3359,6 +3379,13 @@ def view_patch(request):
|
|||
query_dict = request.query_dict
|
||||
p1, p2, rev1, rev2, sym1, sym2 = setup_diff(request)
|
||||
|
||||
mime_type1, encoding1 = calculate_mime_type(request, p1, rev1)
|
||||
mime_type2, encoding2 = calculate_mime_type(request, p2, rev2)
|
||||
if is_binary_file_mime_type(mime_type1, cfg) or \
|
||||
is_binary_file_mime_type(mime_type2, cfg):
|
||||
raise debug.ViewVCException('Display of binary file content disabled '
|
||||
'by configuration', '403 Forbidden')
|
||||
|
||||
# In the absence of a format dictation in the CGI params, we'll let
|
||||
# use the configured diff format, allowing 'c' to mean 'c' and
|
||||
# anything else to mean 'u'.
|
||||
|
@ -3649,6 +3676,13 @@ def view_diff(request):
|
|||
|
||||
p1, p2, rev1, rev2, sym1, sym2 = setup_diff(request)
|
||||
|
||||
mime_type1, encoding1 = calculate_mime_type(request, p1, rev1)
|
||||
mime_type2, encoding2 = calculate_mime_type(request, p2, rev2)
|
||||
if is_binary_file_mime_type(mime_type1, cfg) or \
|
||||
is_binary_file_mime_type(mime_type2, cfg):
|
||||
raise debug.ViewVCException('Display of binary file content disabled '
|
||||
'by configuration', '403 Forbidden')
|
||||
|
||||
# since templates are in use and subversion allows changes to the dates,
|
||||
# we can't provide a strong etag
|
||||
if check_freshness(request, None, '%s-%s' % (rev1, rev2), weak=1):
|
||||
|
|
Loading…
Reference in New Issue