summary refs log tree commit diff
path: root/ui-plain.c
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2016-01-14 14:53:28 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2016-01-14 15:42:56 +0100
commitc326f3eb026d67650f79a6dda9a1a42c55d10a25 (patch)
tree51b94c63164ea924eb019c2e3c1e0b290509549b /ui-plain.c
parent9ca2566972db968df4479108b29bb92551138b57 (diff)
ui-plain: add enable-html-serving flag
Unrestricts plain/ to contents likely to be executed by browser.
Diffstat (limited to 'ui-plain.c')
-rw-r--r--ui-plain.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/ui-plain.c b/ui-plain.c
index 58addab..ff85113 100644
--- a/ui-plain.c
+++ b/ui-plain.c
@@ -37,6 +37,16 @@ static int print_object(const unsigned char *sha1, const char *path)
 	mimetype = get_mimetype_for_filename(path);
 	ctx.page.mimetype = mimetype;
 
+	if (!ctx.repo->enable_html_serving) {
+		html("X-Content-Type-Options: nosniff\n");
+		html("Content-Security-Policy: default-src 'none'\n");
+		if (mimetype) {
+			/* Built-in white list allows PDF and everything that isn't text/ and application/ */
+			if ((!strncmp(mimetype, "text/", 5) || !strncmp(mimetype, "application/", 12)) && strcmp(mimetype, "application/pdf"))
+				ctx.page.mimetype = NULL;
+		}
+	}
+
 	if (!ctx.page.mimetype) {
 		if (buffer_is_binary(buf, size)) {
 			ctx.page.mimetype = "application/octet-stream";