>expect
;;
?*)
- echo "Accept-Language: $1" >expect
+ echo "=> Send header: Accept-Language: $1" >expect
;;
esac &&
- GIT_CURL_VERBOSE=1 \
+ GIT_TRACE_CURL=true \
LANGUAGE=$2 \
git ls-remote "$HTTPD_URL/dumb/repo.git" >output 2>&1 &&
tr -d '\015' <output |
sort -u |
- sed -ne '/^Accept-Language:/ p' >actual &&
+ sed -ne '/^=> Send header: Accept-Language:/ p' >actual &&
test_cmp expect actual
}
'
test_expect_success 'git client does not send an empty Accept-Language' '
- GIT_CURL_VERBOSE=1 LANGUAGE= git ls-remote "$HTTPD_URL/dumb/repo.git" 2>stderr &&
- ! grep "^Accept-Language:" stderr
+ GIT_TRACE_CURL=true LANGUAGE= git ls-remote "$HTTPD_URL/dumb/repo.git" 2>stderr &&
+ ! grep "^=> Send header: Accept-Language:" stderr
+'
+
+test_expect_success 'remote-http complains cleanly about malformed urls' '
+ # do not actually issue "list" or other commands, as we do not
+ # want to rely on what curl would actually do with such a broken
+ # URL. This is just about making sure we do not segfault during
+ # initialization.
+ test_must_fail git remote-http http::/example.com/repo.git
'
test_expect_success 'redirects can be forbidden/allowed' '
clone "$HTTPD_URL/dumb/evil.git" evil-file
'
+test_expect_success 'http-alternates triggers not-from-user protocol check' '
+ echo "$HTTPD_URL/dumb/victim.git/objects" \
+ >"$evil/objects/info/http-alternates" &&
+ test_config_global http.followRedirects true &&
+ test_must_fail git -c protocol.http.allow=user \
+ clone $HTTPD_URL/dumb/evil.git evil-user &&
+ git -c protocol.http.allow=always \
+ clone $HTTPD_URL/dumb/evil.git evil-user
+'
+
stop_httpd
test_done