From: Brandon Williams <bmwill@google.com>
To: Jeff King <peff@peff.net>
Cc: Eric Wong <e@80x24.org>, Junio C Hamano <gitster@pobox.com>,
Jann Horn <jannh@google.com>,
git@vger.kernel.org, sbeller@google.com, bburky@bburky.com,
jrnieder@gmail.com
Subject: Re: [PATCH v2] http: inform about alternates-as-redirects behavior
Date: Mon, 6 Mar 2017 10:03:02 -0800 [thread overview]
Message-ID: <20170306180302.GA183239@google.com> (raw)
In-Reply-To: <20170304084547.4mg4beudseznaw72@sigill.intra.peff.net>
On 03/04, Jeff King wrote:
> On Sat, Mar 04, 2017 at 08:36:45AM +0000, Eric Wong wrote:
>
> > I also think the security implications for relative alternates
> > on the same host would not matter, since the smart HTTP will
> > take them into account on the server side.
>
> It depends on the host whether all of the repos on it have the same
> security domain or not. A site like github.com hosts both public and
> private repositories, and you do not want a public repo redirecting to
> the private one to get objects.
>
> Of course, that depends on untrusted users being able to configure
> server-side alternates, which GitHub certainly would not let you do. I
> would hope other multi-user hosting sites behave similarly (most hosting
> sites do not seem to allow dumb http at all).
>
> > Perhaps we give http_follow_config ORable flags:
> >
> > HTTP_FOLLOW_NONE = 0,
> > HTTP_FOLLOW_INITIAL = 0x1,
> > HTTP_FOLLOW_RELATIVE = 0x2,
> > HTTP_FOLLOW_ABSOLUTE = 0x4,
> > HTTP_FOLLOW_ALWAYS = 0x7,
> >
> > With the default would being: HTTP_FOLLOW_INITIAL|HTTP_FOLLOW_RELATIVE
> > (but I suppose that's a patch for another time)
>
> I don't have a real problem with breaking it down that way, if somebody
> wants to make a patch. Mostly the reason I didn't do so is that I don't
> think http-alternates are in common use these days, since smart-http is
> much more powerful.
>
> > ----------8<-----------
> > From: Eric Wong <e@80x24.org>
> > Subject: [PATCH] http: inform about alternates-as-redirects behavior
>
> This v2 looks fine to me.
>
> -Peff
I know I'm a little late to the party but v2 looks good to me too. I
like the change from v1 that only mentions the config option as opposed
to listing a value it should be set to.
--
Brandon Williams
next prev parent reply other threads:[~2017-03-06 18:29 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-04 1:35 [PATCH] http: inform about alternates-as-redirects behavior Eric Wong
2017-03-04 3:13 ` Jeff King
2017-03-04 3:49 ` Jeff King
2017-03-04 6:55 ` Eric Wong
2017-03-04 7:41 ` Jeff King
2017-03-04 8:36 ` [PATCH v2] " Eric Wong
2017-03-04 8:45 ` Jeff King
2017-03-06 18:03 ` Brandon Williams [this message]
2017-03-04 15:06 ` [PATCH] " Ramsay Jones
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170306180302.GA183239@google.com \
--to=bmwill@google.com \
--cc=bburky@bburky.com \
--cc=e@80x24.org \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jannh@google.com \
--cc=jrnieder@gmail.com \
--cc=peff@peff.net \
--cc=sbeller@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.