summaryrefslogtreecommitdiff
path: root/t/t5812-proto-disable-http.sh
diff options
context:
space:
mode:
authorBlake Burkhart <bburky@bburky.com>2015-09-22 22:06:20 (GMT)
committerJunio C Hamano <gitster@pobox.com>2015-09-25 22:32:28 (GMT)
commitb258116462399b318c86165c61a5c7123043cfd4 (patch)
tree0fab49f2d65cee265a23f3b95e84c57a0e38430f /t/t5812-proto-disable-http.sh
parentf4113cac0c88b4f36ee6f3abf3218034440a68e3 (diff)
downloadgit-b258116462399b318c86165c61a5c7123043cfd4.zip
git-b258116462399b318c86165c61a5c7123043cfd4.tar.gz
git-b258116462399b318c86165c61a5c7123043cfd4.tar.bz2
http: limit redirection depth
By default, libcurl will follow circular http redirects forever. Let's put a cap on this so that somebody who can trigger an automated fetch of an arbitrary repository (e.g., for CI) cannot convince git to loop infinitely. The value chosen is 20, which is the same default that Firefox uses. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/t5812-proto-disable-http.sh')
-rwxr-xr-xt/t5812-proto-disable-http.sh4
1 files changed, 4 insertions, 0 deletions
diff --git a/t/t5812-proto-disable-http.sh b/t/t5812-proto-disable-http.sh
index 6a4f816..0d105d5 100755
--- a/t/t5812-proto-disable-http.sh
+++ b/t/t5812-proto-disable-http.sh
@@ -25,5 +25,9 @@ test_expect_success 'curl redirects respect whitelist' '
}
'
+test_expect_success 'curl limits redirects' '
+ test_must_fail git clone "$HTTPD_URL/loop-redir/smart/repo.git"
+'
+
stop_httpd
test_done