summaryrefslogtreecommitdiff
path: root/http.h
diff options
context:
space:
mode:
authorJunio C Hamano <gitster@pobox.com>2016-12-19 22:45:31 (GMT)
committerJunio C Hamano <gitster@pobox.com>2016-12-19 22:45:32 (GMT)
commit8a2882f23ecce3a8742743555a408e508d4db806 (patch)
tree3e543652bc74d5401d6c3858410ad434ae02451a /http.h
parent73e494f86239b7edcf44f4c185c997b05c0e763b (diff)
parentcb4d2d35c4622ec2513c1c352d30ff8f9f9cdb9e (diff)
downloadgit-8a2882f23ecce3a8742743555a408e508d4db806.zip
git-8a2882f23ecce3a8742743555a408e508d4db806.tar.gz
git-8a2882f23ecce3a8742743555a408e508d4db806.tar.bz2
Merge branch 'jk/http-walker-limit-redirect-2.9'
Transport with dumb http can be fooled into following foreign URLs that the end user does not intend to, especially with the server side redirects and http-alternates mechanism, which can lead to security issues. Tighten the redirection and make it more obvious to the end user when it happens. * jk/http-walker-limit-redirect-2.9: http: treat http-alternates like redirects http: make redirects more obvious remote-curl: rename shadowed options variable http: always update the base URL for redirects http: simplify update_url_from_redirect
Diffstat (limited to 'http.h')
-rw-r--r--http.h10
1 files changed, 9 insertions, 1 deletions
diff --git a/http.h b/http.h
index 5ab9d9c..02bccb7 100644
--- a/http.h
+++ b/http.h
@@ -116,6 +116,13 @@ extern struct credential http_auth;
extern char curl_errorstr[CURL_ERROR_SIZE];
+enum http_follow_config {
+ HTTP_FOLLOW_NONE,
+ HTTP_FOLLOW_ALWAYS,
+ HTTP_FOLLOW_INITIAL
+};
+extern enum http_follow_config http_follow_config;
+
static inline int missing__target(int code, int result)
{
return /* file:// URL -- do we ever use one??? */
@@ -139,7 +146,8 @@ extern char *get_remote_object_url(const char *url, const char *hex,
/* Options for http_get_*() */
struct http_get_options {
unsigned no_cache:1,
- keep_error:1;
+ keep_error:1,
+ initial_request:1;
/* If non-NULL, returns the content-type of the response. */
struct strbuf *content_type;