From: Jakub Narebski <jnareb@gmail.com>
To: "Giuseppe Bilotta" <giuseppe.bilotta@gmail.com>
Cc: "Junio C Hamano" <gitster@pobox.com>,
git@vger.kernel.org, "Petr Baudis" <pasky@suse.cz>
Subject: Re: [RFCv2 1/2] gitweb: add patch view
Date: Wed, 3 Dec 2008 14:00:50 +0100 [thread overview]
Message-ID: <200812031400.50980.jnareb@gmail.com> (raw)
In-Reply-To: <cb7bb73a0812030333n2cfdc745m3a910d2e8677e7fe@mail.gmail.com>
On Wed, 3 Dec 2008, Giuseppe Bilotta wrote:
> On Wed, Dec 3, 2008 at 12:19 PM, Junio C Hamano <gitster@pobox.com> wrote:
>> Giuseppe Bilotta <giuseppe.bilotta@gmail.com> writes:
>>
>>> We thus create a new view that can be fed to git-am directly by exposing
>>> the output of git format-patch directly. This allows patch exchange and
>>> submission via gitweb. A hard limit (configurable, defaults to 100) is
>>> imposed on the number of commits which will be included in a patchset,
>>> to prevent DoS attacks on the server.
>>
>> Hmm, I would imagine that "snapshot" would be a much more effective way to
>> do such an attack, and notice the way we prevent it is to selectively
>> enable the feature per repository.
>>
>> Perhaps this configuration should also be a feature defined in %feature,
>> overridable by each repository? If you default it to "disabled" (as any
>> new feature typically does), you do not have to yank a random number such
>> as 100 out of thin air.
>
> I thought about it, but then I thought it was way too useful for
> single patches to disable the feature a priori. I'd rather make the
> default limit much smaller (like the original 16 commits I had in
> mind, or even less).
Perhaps %feature can be used to configure _maximum_ number of patches
in 'patch' / 'format_patch' view (gitweb_get_feature... well, sort of
as gitweb_check_feature would work too), rather than checking if it
is enabled or disabled?
--
Jakub Narebski
Poland
next prev parent reply other threads:[~2008-12-03 13:02 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-12-03 10:07 [RFCv2 0/2] gitweb: patch view Giuseppe Bilotta
2008-12-03 10:07 ` [RFCv2 1/2] gitweb: add " Giuseppe Bilotta
2008-12-03 10:07 ` [RFCv2 2/2] gitweb: links to patch action in commitdiff and shortlog view Giuseppe Bilotta
2008-12-03 11:19 ` [RFCv2 1/2] gitweb: add patch view Junio C Hamano
2008-12-03 11:33 ` Giuseppe Bilotta
2008-12-03 13:00 ` Jakub Narebski [this message]
2008-12-03 13:14 ` Giuseppe Bilotta
2008-12-03 17:08 ` Jakub Narebski
2008-12-03 20:52 ` Giuseppe Bilotta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200812031400.50980.jnareb@gmail.com \
--to=jnareb@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=giuseppe.bilotta@gmail.com \
--cc=pasky@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.