| commit | fb263872d98b7fba7bb71a3f1d3fb967e7825f58 | |
| author | Kyle J. McKay <mackyle@gmail.com> | |
| Fri, 1 Sep 2017 05:11:40 +0000 (31 22:11 -0700) | ||
| committer | Kyle J. McKay <mackyle@gmail.com> | |
| Fri, 1 Sep 2017 05:11:40 +0000 (31 22:11 -0700) | ||
| tree | 97f177b8675bad3b49ed5362784d0ff18c9d228e | treesnapshot (tar.gz zip) |
| parent | 43d3385ff9e3053eccb851e38e43a5714d93e1fe | commitdiff |
gitweb: allow regex search to be disabled
Some regular expressions can be pathological and while not doing
anything particularly useful, they can consume large amounts of
CPU and/or RAM.
In a situation where the server needs to be protected from these
kinds of malicious regular expressions, make it possible to
disable regular expression search independently.
Introduce a new 'regexp' option that defaults to enabled.
When it is disabled, but search is still enabled, attempting to
use any searches with the "RE" checkbox set will generate an
error result instead thereby protecting the server from potential
pathological regular expressions.
While the same thing could be accomplished by completely disabling
all search, that would cripple the links that allow one to see
commits by the same author/committer and those really are not
CPU/memory intensive.
When a regular expression search is attempted but 'regexp' has
been disabled, an error gets displayed similarly to the way the
error is displayed when grep or pickaxe is attempted but disabled.
Signed-off-by: Kyle J. McKay <mackyle@gmail.com>
Some regular expressions can be pathological and while not doing
anything particularly useful, they can consume large amounts of
CPU and/or RAM.
In a situation where the server needs to be protected from these
kinds of malicious regular expressions, make it possible to
disable regular expression search independently.
Introduce a new 'regexp' option that defaults to enabled.
When it is disabled, but search is still enabled, attempting to
use any searches with the "RE" checkbox set will generate an
error result instead thereby protecting the server from potential
pathological regular expressions.
While the same thing could be accomplished by completely disabling
all search, that would cripple the links that allow one to see
commits by the same author/committer and those really are not
CPU/memory intensive.
When a regular expression search is attempted but 'regexp' has
been disabled, an error gets displayed similarly to the way the
error is displayed when grep or pickaxe is attempted but disabled.
Signed-off-by: Kyle J. McKay <mackyle@gmail.com>
| gitweb/gitweb.perl | diffblobblamehistory |