diff options
| author | Johannes Schindelin <johannes.schindelin@gmx.de> | 2026-03-05 15:34:50 -0800 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2026-03-06 13:52:28 -0800 |
| commit | 602c83f0efed46c2e86a36273673bf8776ded04e (patch) | |
| tree | bb548dbe50a0edecb73bb320fa8a7175ab47d7d5 /contrib/persistent-https | |
| parent | 128914438a0d2d55ae34314a0881f55a797024d5 (diff) | |
| download | git-602c83f0efed46c2e86a36273673bf8776ded04e.tar.gz git-602c83f0efed46c2e86a36273673bf8776ded04e.zip | |
sideband: offer to configure sanitizing on a per-URL basis
The main objection against sanitizing the sideband that was raised
during the review of the sideband sanitizing patches, first on the
git-security mailing list, then on the public mailing list, was that
there are some setups where server-side `pre-receive` hooks want to
error out, giving colorful messages to the users on the client side (if
they are not redirecting the output into a file, that is).
To avoid breaking such setups, the default chosen by the sideband
sanitizing patches is to pass through ANSI color sequences.
Still, there might be some use case out there where that is not enough.
Therefore the `sideband.allowControlCharacters` config setting allows
for configuring levels of sanitizing.
As Junio Hamano pointed out, to keep users safe by default, we need to
be able to scope this to some servers because while a user may trust
their company's Git server, the same might not apply to other Git
servers.
To allow for this, let's imitate the way `http.<url>.*` offers
to scope config settings to certain URLs, by letting users
override the `sideband.allowControlCharacters` setting via
`sideband.<url>.allowControlCharacters`.
Suggested-by: Junio Hamano <gitster@pobox.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'contrib/persistent-https')
0 files changed, 0 insertions, 0 deletions