SCM-Manager

mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-15 17:56:17 +01:00

Author	SHA1	Message	Date
Gábor Stefanik	e230c0f4cd	make {extras} work on old versions of Hg	2018-04-06 20:30:15 +00:00
Sebastian Sdorra	7ed4dbcf00	fix hgweb execution for mercurial versions prior 4.1	2018-04-06 14:01:00 +02:00
Sebastian Sdorra	3d401b93ea	#970 added help text for enable httppostargs	2018-04-03 11:56:51 +02:00
Sebastian Sdorra	acebd0f25e	#970 wrap requests only if http postargs is enabled	2018-04-03 11:14:05 +02:00
Sebastian Sdorra	8047d36028	#970 use iso-8859-1 for http post args instead of us-ascii	2018-04-03 11:00:16 +02:00
Sebastian Sdorra	b43e406b76	#970 initial support of mercurials httppostargs protocol	2018-03-30 11:20:22 +02:00
Sebastian Sdorra	a34acd8ed4	#970 added option to enable the experimental httppostargs protocol of mercurial	2018-03-29 22:14:28 +02:00
Sebastian Sdorra	8aaa67cd6a	#970 inspect mercurial commands in order to detect write requests The HgPermissionFilter will now inspect the used mercurial command, of all requests which are using a read method like GET, HEAD, OPTIONS or TRACE and tread every one as write request, expect: - no command was specified with the request (this is required for the hgweb ui) - the command in the query string was found in the list of read commands - if query string contains the batch command, then all commands specified in X-HgArg headers must be in the list of read commands This change is required, in order to fix CVE-2018-1000132 for SCM-Manager.	2018-03-29 20:26:56 +02:00
Sebastian Sdorra	e7dd54c133	#970 added ngrep dumps for mercurial wire protocol and more realistic tests for isWriteRequest	2018-03-29 10:21:34 +02:00
Sebastian Sdorra	7d94b03a04	#959 added option to disable ssl validation for scm mercurial hook	2018-02-23 08:44:22 +01:00
Gábor Stefanik	77eea15417	oops... don't interpret "close=junk" as "close=1"	2017-09-18 12:34:50 +00:00
Gábor Stefanik	14ee6ef0d6	prevent binary data in {extras} from interfering with UTF-8 decoding	2017-09-18 12:30:20 +00:00
Sebastian Sdorra	3637a8de20	switch from jersey 1.x to resteasy	2017-06-27 20:16:05 +02:00
Sebastian Sdorra	aec3d5d65d	merge with branch 1.x	2017-06-25 19:01:33 +02:00
Sebastian Sdorra	b51fba2282	fix repository browsing with mercurial 4.x	2017-06-06 08:14:04 +02:00
Sebastian Sdorra	f142e1a83f	merge with branch 1.x	2017-01-14 13:25:25 +01:00
Sebastian Sdorra	7e6f4e1a7f	fix some warning and removed some unused imports	2017-01-14 12:05:53 +01:00
Sebastian Sdorra	c149b180a1	use newer repository client api	2017-01-14 11:48:42 +01:00
Sebastian Sdorra	bad99919f4	merge with branch 1.x	2017-01-12 19:50:39 +01:00
Sebastian Sdorra	5332ac2466	refactor store api	2016-12-11 21:31:05 +01:00
Sebastian Sdorra	c6f66c1a32	merge with branch issue-859	2016-10-03 10:53:26 +02:00
Sebastian Sdorra	264a1af634	treat HEAD, OPTIONS and TRACE as mercurial read requests not only GET, see issue #859	2016-09-30 22:23:14 +02:00
Sebastian Sdorra	c988b01ab7	remove test hook	2016-09-29 09:23:13 +02:00
Sebastian Sdorra	617ed81b53	implemented HookTagProvider api for mercurial	2016-09-29 09:11:53 +02:00
Sebastian Sdorra	1cf399ab2d	implement mercurial repository test client	2016-07-26 00:16:14 +02:00
Sebastian Sdorra	b5383f4073	fix loading of repository handler informations on some systems, see issue #841	2016-06-24 17:58:02 +02:00
Sebastian Sdorra	0f1ac3f952	expose latest changeset id of branch	2015-06-13 19:56:16 +02:00
Sebastian Sdorra	bdb202dd8c	track time for processing mercurial request on debug logging	2015-06-11 22:10:32 +02:00
Sebastian Sdorra	656085c698	use ahc for internal http operations	2015-05-17 14:04:58 +02:00
Sebastian Sdorra	debcacb61f	use basic authorization header for mercurial hook authentication	2015-03-21 15:56:51 +01:00
Sebastian Sdorra	b2e1c1e1f8	do not create http session to pass mercurial environment for cgi	2015-03-21 15:55:25 +01:00
Sebastian Sdorra	be385e4f2e	implement a new authentication filter, which uses a set of WebTokenGenerator to handle authentication requests	2015-02-21 21:06:35 +01:00
Sebastian Sdorra	e5184ac6a0	merge with branch issue-627	2015-02-10 20:50:06 +01:00
Sebastian Sdorra	8ccaaf3695	remove auto login modules because they are not longer needed, since we can determine the order of the filter chain	2015-02-06 22:41:34 +01:00
Sebastian Sdorra	30b49490a7	make use of new WebElement and Priority annotation	2015-02-01 19:52:53 +01:00
Sebastian Sdorra	436b27e8fc	introducing HookBranchProvider to get informations about changed branches during a hook, see issue #668	2015-01-24 11:08:16 +01:00
Sebastian Sdorra	d707f0ee47	servlet fields should be final	2015-01-23 21:44:04 +01:00
Sebastian Sdorra	31bb6dfe6d	return a property for closed branches	2015-01-19 17:54:57 +01:00
Sebastian Sdorra	4fa8e6e88a	replace scm-manager 1.x security api with apache shiro and use PasswordService for stronger password hashes	2014-12-14 12:26:03 +01:00
Sebastian Sdorra	d6ce7383d6	merge with branch 1.x	2014-12-06 15:42:10 +01:00
Sebastian Sdorra	7cb36c4a16	added dtd validation to plugin descriptors	2014-12-06 15:13:28 +01:00
Sebastian Sdorra	75c244fcdb	improve bundle/unbundle api, by using ByteSource and ByteSink	2014-11-02 10:44:17 +01:00
Sebastian Sdorra	a6ecd7ba00	implement push/pull for remote urls	2014-11-01 12:32:21 +01:00
Sebastian Sdorra	8e608d2439	created small user-agent detection framework to choose the right encoding for basic authentication	2014-10-17 15:43:28 +02:00
Sebastian Sdorra	17ebefca3a	added vcs tag	2014-10-10 20:43:55 +02:00
Sebastian Sdorra	8b0fa62ceb	added tags to plugin informations	2014-10-10 20:43:21 +02:00
Sebastian Sdorra	b465e4b18b	introduce scm version to be sure the plugin is for the correct scm-manager major version	2014-09-13 20:07:07 +02:00
Sebastian Sdorra	cb6609a58f	return parse able version	2014-08-19 15:59:31 +02:00
Sebastian Sdorra	1d6db4424b	start implementation of isolated classloaders	2014-06-06 08:57:41 +02:00
Sebastian Sdorra	18c5c3ec97	merge with branch 1.x	2014-06-04 15:51:19 +02:00

... 3 4 5 6 7 ...

536 Commits