D3239: httppeer: don't accept very old media types (BC)
indygreg (Gregory Szorc)
phabricator at mercurial-scm.org
Wed Apr 11 01:29:16 UTC 2018
indygreg created this revision.
Herald added a subscriber: mercurial-devel.
Herald added a reviewer: hg-reviewers.
REVISION SUMMARY
Versions of Mercurial older than 1.0 emitted the text/plain
and application/hg-changegroup media types in response to wire
protocol commands.
Way back in https://phab.mercurial-scm.org/rHG8760d0c83b9b350308b926dde182996e4aca01df in 2005, the code validating these media
types was added, presumably for backwards compatibility. https://phab.mercurial-scm.org/rHG0b245edec1241892ce0b6e228967994c24a09dd6
a short time before that commit changed things from text/plain and
application/hg-changegroup to application/mercurial-0.1 and
application/hg-0.1. https://phab.mercurial-scm.org/rHG8760d0c83b9b350308b926dde182996e4aca01df seemed to indicate ("for now") that
the BC compatibility was temporary. But that code has lived until
this day.
It has been more than 10 years and nobody should be running pre 1.0
servers.
Pretty much the only risk to this is if there's a server somewhere
advertising the old media types or server software is interfering
and not letting Mercurial send the proper Content-Type header. I
think the chances are rare.
The wire protocol docs were created (by me) from reading existing
code. So the deletions don't constitute a spec change as much as
reflecting the reality of how things have been for years.
.. bc::
The HTTP client no longer accepts text/plain and
application/hg-changegroup Content-Type values as a valid Mercurial
command response. These should only be encountered on pre 1.0
Mercurial servers.
REPOSITORY
rHG Mercurial
REVISION DETAIL
https://phab.mercurial-scm.org/D3239
AFFECTED FILES
mercurial/help/internals/wireprotocol.txt
mercurial/httppeer.py
CHANGE DETAILS
diff --git a/mercurial/httppeer.py b/mercurial/httppeer.py
--- a/mercurial/httppeer.py
+++ b/mercurial/httppeer.py
@@ -322,46 +322,40 @@
safeurl = util.hidepassword(baseurl)
if proto.startswith('application/hg-error'):
raise error.OutOfBandError(resp.read())
- # accept old "text/plain" and "application/hg-changegroup" for now
- if not (proto.startswith('application/mercurial-') or
- (proto.startswith('text/plain')
- and not resp.headers.get('content-length')) or
- proto.startswith('application/hg-changegroup')):
+
+ # Pre 1.0 versions of Mercurial used text/plain and
+ # application/hg-changegroup. We don't support such old servers.
+ if not proto.startswith('application/mercurial-'):
ui.debug("requested URL: '%s'\n" % util.hidepassword(requrl))
raise error.RepoError(
_("'%s' does not appear to be an hg repository:\n"
"---%%<--- (%s)\n%s\n---%%<---\n")
% (safeurl, proto or 'no content-type', resp.read(1024)))
- if proto.startswith('application/mercurial-'):
- try:
- version = proto.split('-', 1)[1]
- version_info = tuple([int(n) for n in version.split('.')])
- except ValueError:
- raise error.RepoError(_("'%s' sent a broken Content-Type "
- "header (%s)") % (safeurl, proto))
-
- # TODO consider switching to a decompression reader that uses
- # generators.
- if version_info == (0, 1):
- if compressible:
- resp = util.compengines['zlib'].decompressorreader(resp)
+ try:
+ version = proto.split('-', 1)[1]
+ version_info = tuple([int(n) for n in version.split('.')])
+ except ValueError:
+ raise error.RepoError(_("'%s' sent a broken Content-Type "
+ "header (%s)") % (safeurl, proto))
- return respurl, resp
+ # TODO consider switching to a decompression reader that uses
+ # generators.
+ if version_info == (0, 1):
+ if compressible:
+ resp = util.compengines['zlib'].decompressorreader(resp)
- elif version_info == (0, 2):
- # application/mercurial-0.2 always identifies the compression
- # engine in the payload header.
- elen = struct.unpack('B', resp.read(1))[0]
- ename = resp.read(elen)
- engine = util.compengines.forwiretype(ename)
- return respurl, engine.decompressorreader(resp)
- else:
- raise error.RepoError(_("'%s' uses newer protocol %s") %
- (safeurl, version))
+ elif version_info == (0, 2):
+ # application/mercurial-0.2 always identifies the compression
+ # engine in the payload header.
+ elen = struct.unpack('B', resp.read(1))[0]
+ ename = resp.read(elen)
+ engine = util.compengines.forwiretype(ename)
- if compressible:
- resp = util.compengines['zlib'].decompressorreader(resp)
+ resp = engine.decompressorreader(resp)
+ else:
+ raise error.RepoError(_("'%s' uses newer protocol %s") %
+ (safeurl, version))
return respurl, resp
diff --git a/mercurial/help/internals/wireprotocol.txt b/mercurial/help/internals/wireprotocol.txt
--- a/mercurial/help/internals/wireprotocol.txt
+++ b/mercurial/help/internals/wireprotocol.txt
@@ -123,12 +123,6 @@
The content of the HTTP response body typically holds text describing the
error.
-The ``application/hg-changegroup`` media type indicates a changegroup response
-type.
-
-Clients also accept the ``text/plain`` media type. All other media
-types should cause the client to error.
-
Behavior of media types is further described in the ``Content Negotiation``
section below.
To: indygreg, #hg-reviewers
Cc: mercurial-devel
More information about the Mercurial-devel
mailing list