From: John Keeping <john@keeping.me.uk>
Date: Sat, 31 Mar 2018 14:19:52 +0000 (+0100)
Subject: ui-snapshot: filter permitted snapshot requests
X-Git-Url: https://gitweb.ps.run/ps-cgit/commitdiff_plain/00ad47bbfaf7cc5c372e072a5302e871b5250390?hp=c1572bb5ec4540b5008490cf471cc4a5e65ef728

ui-snapshot: filter permitted snapshot requests

Currently the snapshots configuration option only filters which links
are displayed, not which snapshots may be generated and downloaded.
Apply the filter also to requests to ensure that the system policy is
enforced.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
---

diff --git a/ui-snapshot.c b/ui-snapshot.c
index b9e2a36..abf8399 100644
--- a/ui-snapshot.c
+++ b/ui-snapshot.c
@@ -194,7 +194,7 @@ void cgit_print_snapshot(const char *head, const char *hex,
 	}
 
 	f = get_format(filename);
-	if (!f) {
+	if (!f || !(ctx.repo->snapshots & f->bit)) {
 		cgit_print_error_page(400, "Bad request",
 				"Unsupported snapshot format: %s", filename);
 		return;