diff options
| author | zeripath <art27@cantab.net> | 2021-05-27 19:46:11 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-05-27 19:46:11 +0100 |
| commit | 6d6a65cf5cc13deddd96bb76b773667d068823d4 (patch) | |
| tree | f01a4e49ac2850b4b7ca6a46dcb2ecf1eee53dbc /modules/auth/sso/sso.go | |
| parent | b27a9d43a5c0b473c30b6137e0309d103793dcad (diff) | |
| download | gitea-6d6a65cf5cc13deddd96bb76b773667d068823d4.tar.gz gitea-6d6a65cf5cc13deddd96bb76b773667d068823d4.zip | |
Allow Token/Basic auth on raw paths (#15987)
It appears that people have been using token authentication to navigate to raw paths
and recent changes have broken this. Whilst ideally these paths would not be being used
like this - it was not the intention to be a breaking change.
This PR restores access to these paths.
Fix #13772
Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'modules/auth/sso/sso.go')
| -rw-r--r-- | modules/auth/sso/sso.go | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/modules/auth/sso/sso.go b/modules/auth/sso/sso.go index 2f949cb0f8..8543ceb2ff 100644 --- a/modules/auth/sso/sso.go +++ b/modules/auth/sso/sso.go @@ -104,11 +104,11 @@ func isAttachmentDownload(req *http.Request) bool { return strings.HasPrefix(req.URL.Path, "/attachments/") && req.Method == "GET" } -var gitPathRe = regexp.MustCompile(`^/[a-zA-Z0-9_.-]+/[a-zA-Z0-9_.-]+/(?:(?:git-(?:(?:upload)|(?:receive))-pack$)|(?:info/refs$)|(?:HEAD$)|(?:objects/))`) +var gitRawPathRe = regexp.MustCompile(`^/[a-zA-Z0-9_.-]+/[a-zA-Z0-9_.-]+/(?:(?:git-(?:(?:upload)|(?:receive))-pack$)|(?:info/refs$)|(?:HEAD$)|(?:objects/)|raw/)`) var lfsPathRe = regexp.MustCompile(`^/[a-zA-Z0-9_.-]+/[a-zA-Z0-9_.-]+/info/lfs/`) -func isGitOrLFSPath(req *http.Request) bool { - if gitPathRe.MatchString(req.URL.Path) { +func isGitRawOrLFSPath(req *http.Request) bool { + if gitRawPathRe.MatchString(req.URL.Path) { return true } if setting.LFS.StartServer { |