Skip to content

Commit

Permalink
config/security: Add CI env var to whitelist
Browse files Browse the repository at this point in the history
  • Loading branch information
@septs
septs committed Dec 2, 2022
1 parent ef51848 commit dc44bca
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion config/security/securityConfig.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ var DefaultConfig = Config{
OsEnv: NewWhitelist("(?i)^((HTTPS?|NO)_PROXY|PATH(EXT)?|APPDATA|TE?MP|TERM)$"),
},
Funcs: Funcs{
Getenv: NewWhitelist("^HUGO_"),
Getenv: NewWhitelist("^HUGO_", "^CI$"),
},
HTTP: HTTP{
URLs: NewWhitelist(".*"),
Expand Down
2 changes: 1 addition & 1 deletion config/security/securityConfig_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,7 @@ func TestToTOML(t *testing.T) {
got := DefaultConfig.ToTOML()

c.Assert(got, qt.Equals,
"[security]\n enableInlineShortcodes = false\n\n [security.exec]\n allow = ['^dart-sass-embedded$', '^go$', '^npx$', '^postcss$']\n osEnv = ['(?i)^((HTTPS?|NO)_PROXY|PATH(EXT)?|APPDATA|TE?MP|TERM)$']\n\n [security.funcs]\n getenv = ['^HUGO_']\n\n [security.http]\n methods = ['(?i)GET|POST']\n urls = ['.*']",
"[security]\n enableInlineShortcodes = false\n\n [security.exec]\n allow = ['^dart-sass-embedded$', '^go$', '^npx$', '^postcss$']\n osEnv = ['(?i)^((HTTPS?|NO)_PROXY|PATH(EXT)?|APPDATA|TE?MP|TERM)$']\n\n [security.funcs]\n getenv = ['^HUGO_', '^CI$']\n\n [security.http]\n methods = ['(?i)GET|POST']\n urls = ['.*']",
)
}

Expand Down

0 comments on commit dc44bca

Please sign in to comment.