From patchwork Thu Aug 22 15:11:17 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: [6, of, 6, V3] hgweb,
 config: make search restrictions configurable with web.restrictsearch
From: Alexander Plavin <alexander@plav.in>
X-Patchwork-Id: 2249
Message-Id: <90d7565658c737cf929f.1377184277@debian-alexander.dolgopa>
To: mercurial-devel@selenic.com
Date: Thu, 22 Aug 2013 19:11:17 +0400

# HG changeset patch
# User Alexander Plavin <alexander@plav.in>
# Date 1376651054 -14400
#      Fri Aug 16 15:04:14 2013 +0400
# Node ID 90d7565658c737cf929f9380c13adaccd6cdbc15
# Parent  3767921c4b274499fe4254bdafef56bba346b088
hgweb, config: make search restrictions configurable with web.restrictsearch

Add boolean config option to allow disabling all search restrictions.

diff -r 3767921c4b27 -r 90d7565658c7 mercurial/help/config.txt
--- a/mercurial/help/config.txt	Sat Jul 20 01:32:38 2013 +0400
+++ b/mercurial/help/config.txt	Fri Aug 16 15:04:14 2013 +0400
@@ -1461,6 +1461,10 @@
     Whether to require that inbound pushes be transported over SSL to
     prevent password sniffing. Default is True.
 
+``restrictsearch``
+    Whether to restrict usage of regular expressions and
+    heavyweight revset functions in search. Default is True.
+
 ``staticurl``
     Base URL to use for static files. If unset, static files (e.g. the
     hgicon.png favicon) will be served by the CGI script itself. Use
diff -r 3767921c4b27 -r 90d7565658c7 mercurial/hgweb/webcommands.py
--- a/mercurial/hgweb/webcommands.py	Sat Jul 20 01:32:38 2013 +0400
+++ b/mercurial/hgweb/webcommands.py	Fri Aug 16 15:04:14 2013 +0400
@@ -176,13 +176,14 @@
             # no revset syntax used
             return 'kw', query
 
-        if any_((token, (value or '')[:3]) == ('string', 're:')
-               for token, value, pos in revset.tokenize(revdef)):
-            return 'kw', query
-        funcsused = revset.funcsused(tree)
-        blacklist = set(['contains', 'grep'])
-        if funcsused & blacklist:
-            return 'kw', query
+        if web.configbool('web', 'restrictsearch', True):
+            if any_((token, (value or '')[:3]) == ('string', 're:')
+                   for token, value, pos in revset.tokenize(revdef)):
+                return 'kw', query
+            funcsused = revset.funcsused(tree)
+            blacklist = set(['contains', 'grep'])
+            if funcsused & blacklist:
+                return 'kw', query
 
         mfunc = revset.match(None, revdef)
         try: