Permalink
Browse files

Proper branch name validation, fixes #272

  • Loading branch information...
1 parent cf9aeaf commit 4eaebed43bfe91ccd315e331a76b01c987ca383b @klaussilveira committed Mar 29, 2013
Showing with 4 additions and 4 deletions.
  1. +3 −3 src/GitList/Controller/TreeController.php
  2. +1 −1 src/GitList/Util/Routing.php
@@ -68,13 +68,13 @@ public function connect(Application $app)
'tags' => $repository->getTags(),
));
})->assert('repo', $app['util.routing']->getRepositoryRegex())
- ->assert('branch', '[\w-._\/]+')
+ ->assert('branch', $app['util.routing']->getBranchRegex())
->bind('search');
$route->get('{repo}/{branch}/', function ($repo, $branch) use ($app, $treeController) {
return $treeController($repo, $branch);
})->assert('repo', $app['util.routing']->getRepositoryRegex())
- ->assert('branch', '[\w-._\/]+')
+ ->assert('branch', $app['util.routing']->getBranchRegex())
->bind('branch');
$route->get('{repo}/', function ($repo) use ($app, $treeController) {
@@ -111,7 +111,7 @@ public function connect(Application $app)
));
})->assert('format', '(zip|tar)')
->assert('repo', $app['util.routing']->getRepositoryRegex())
- ->assert('branch', '[\w-._\/]+')
+ ->assert('branch', $app['util.routing']->getBranchRegex())
->bind('archive');
return $route;
@@ -85,7 +85,7 @@ public function getBranchRegex()
static $branchRegex = null;
if ($branchRegex === null) {
- $branchRegex = '[\w-._\/]+';
+ $branchRegex = '(?!/|.*([/.]\.|//|@\{|\\\\))[^\040\177 ~^:?*\[]+(?<!\.lock|[/.])';
}
return $branchRegex;

0 comments on commit 4eaebed

Please sign in to comment.