recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Disable CSRF checks on Git push when updating repository.

Summary: This disables CSRF checking around the `$repository->writeStatusMessage` so that pushing changes over HTTP to Git repositories doesn't fail miserably.

Test Plan: Applied this fix and I could `git push` to hosted repositories again.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4052

Differential Revision: https://secure.phabricator.com/D7490

authored by

James Rhodes and committed by
epriestley 3e2efaf0 0ceb53bf

+11 -6
+11 -6
src/applications/diffusion/controller/DiffusionController.php
··· 180 180 181 181 switch ($repository->getVersionControlSystem()) { 182 182 case PhabricatorRepositoryType::REPOSITORY_TYPE_GIT: 183 - $result = $this->serveGitRequest($repository); 183 + $result = $this->serveGitRequest($repository, $viewer); 184 184 break; 185 185 default: 186 186 $result = new PhabricatorVCSResponse( ··· 192 192 $code = $result->getHTTPResponseCode(); 193 193 194 194 if ($is_push && ($code == 200)) { 195 - $repository->writeStatusMessage( 196 - PhabricatorRepositoryStatusMessage::TYPE_NEEDS_UPDATE, 197 - PhabricatorRepositoryStatusMessage::CODE_OKAY); 195 + $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites(); 196 + $repository->writeStatusMessage( 197 + PhabricatorRepositoryStatusMessage::TYPE_NEEDS_UPDATE, 198 + PhabricatorRepositoryStatusMessage::CODE_OKAY); 199 + unset($unguarded); 198 200 } 199 201 200 202 return $result; ··· 454 456 /** 455 457 * @phutil-external-symbol class PhabricatorStartup 456 458 */ 457 - private function serveGitRequest(PhabricatorRepository $repository) { 459 + private function serveGitRequest( 460 + PhabricatorRepository $repository, 461 + PhabricatorUser $viewer) { 458 462 $request = $this->getRequest(); 459 463 460 464 $request_path = $this->getRequestDirectoryPath(); ··· 492 496 'GIT_HTTP_EXPORT_ALL' => '1', 493 497 'PATH_INFO' => $request_path, 494 498 499 + 'REMOTE_USER' => $viewer->getUsername(), 500 + 495 501 // TODO: Set these correctly. 496 - 'REMOTE_USER' => '', 497 502 // GIT_COMMITTER_NAME 498 503 // GIT_COMMITTER_EMAIL 499 504 );