HomeLab/ForgeBucket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

fixed yet again...

Browse Source
This commit is contained in:
erangel1
2026-05-07 23:41:17 +02:00
parent e4364b0c2f
commit 6d5122bc11
1 changed files with 4 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/api/router.go
+4 -15
View File
@@ -55,21 +55,10 @@ func New(cfg *config.Config, engine *xorm.Engine, store sessions.Store, staticFi
dashH := handlers.NewDashboardHandler(engine) dashH := handlers.NewDashboardHandler(engine)
// ── Git smart-HTTP transport ─────────────────────────────────────────────── // ── Git smart-HTTP transport ───────────────────────────────────────────────
// These routes MUST be registered before the SPA catch-all and outside CSRF. // Regex constraint ensures only *.git paths match, so asset/SPA URLs
// Git clients use HTTP Basic Auth, not the cookie/CSRF flow. // with two path segments (e.g. /assets/main.js) fall through to the
r.Route("/{owner}/{repoGit}", func(r chi.Router) { // SPA catch-all instead of being swallowed here.
// Only activate for paths ending in .git r.Route("/{owner}/{repoGit:.*\\.git}", func(r chi.Router) {
r.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
rg := chi.URLParam(req, "repoGit")
if len(rg) < 5 || rg[len(rg)-4:] != ".git" {
// Not a git URL — skip to the next router
http.NotFound(w, req)
return
}
next.ServeHTTP(w, req)
})
})
r.Get("/info/refs", gitH.ServeGit) r.Get("/info/refs", gitH.ServeGit)
r.Post("/git-upload-pack", gitH.ServeGit) r.Post("/git-upload-pack", gitH.ServeGit)
r.Post("/git-receive-pack", gitH.ServeGit) r.Post("/git-receive-pack", gitH.ServeGit)