From: "Drew Green via GitGitGadget" <gitgitgadget@gmail.com>
To: git@vger.kernel.org
Cc: Drew Green <agreenbhm@gmail.com>, agreenbhm <agreenbhm@gmail.com>
Subject: [PATCH v2] Added Curl Option to Override Request Method v2
Date: Tue, 26 Apr 2022 15:57:39 +0000 [thread overview]
Message-ID: <pull.1225.v2.git.1650988659280.gitgitgadget@gmail.com> (raw)
In-Reply-To: <pull.1225.git.1650970894143.gitgitgadget@gmail.com>
From: agreenbhm <agreenbhm@gmail.com>
Added support for environment variable "CURLOPT_CUSTOMREQUEST"
and config option "http.customrequest" to allow setting the Curl
option to override the default request method used by HTTP Git
operations. Primary reason for this is to allow support for
cloning repositories where only GET requests
are allowed by a local web proxy but not POSTs. When cloning
a repo first a GET is made to the server and then a
POST is made to the "git-upload-pack" endpoint. In some
corporate environments with strong controls
only GET requests are allowed to known repository hosts (such
as GitHub) through a web proxy to prevent data leakage. Using this
new setting, a user can set the "CURLOPT_CUSTOMREQUEST=GET" env at runtime
or "http.customrequest = GET" in their config file which will
change the second request from a POST to a GET, bypassing
web proxy restrictions on the type of requests allowed.
Tested with GitHub, changing the request from POST to GET still
results in the expected behavior of the repo successfully being cloned.
This is v2 of this patch, which refactored the placement of the env
and added the ability to set the config file option.
Signed-off-by: agreenbhm <agreenbhm@gmail.com>
---
Added Curl Option to Override Request Method
Added support for environment variable "CURLOPT_CUSTOMREQUEST" to allow
setting the curl option to override the default request method used by
HTTP Git operations. Primary reason for this is to allow support for
cloning repositories where only GET requests are allowed but not POSTs.
When cloning a repo first a GET is made to the server and then a POST is
made to the "git-upload-pack" endpoint. In some corporate environments
with strong controls only GET requests are allowed to known repository
hosts (such as GitHub) to prevent data leakage by sending data. Using
this new environmental variable, a user can set
"CURLOPT_CUSTOMREQUEST=GET" which will change the second request from a
POST to a GET, bypassing web proxy restrictions on the type of requests
allowed. Tested with GitHub, changing the request from POST to GET still
results in the expected behavior of the repo successfully being cloned.
Signed-off-by: agreenbhm agreenbhm@gmail.com
Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-1225%2Fagreenbhm%2Fmaster-v2
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-1225/agreenbhm/master-v2
Pull-Request: https://github.com/gitgitgadget/git/pull/1225
Range-diff vs v1:
1: 8bf14c61c2a < -: ----------- Added Curl Option to Override Request Method
-: ----------- > 1: 8734bf28344 Added Curl Option to Override Request Method v2
http.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/http.c b/http.c
index 229da4d1488..eaf269fc5a7 100644
--- a/http.c
+++ b/http.c
@@ -75,6 +75,7 @@ static const char *http_proxy_ssl_key;
static const char *http_proxy_ssl_ca_info;
static struct credential proxy_cert_auth = CREDENTIAL_INIT;
static int proxy_ssl_cert_password_required;
+static const char *http_custom_request;
static struct {
const char *name;
@@ -403,6 +404,9 @@ static int http_options(const char *var, const char *value, void *cb)
return 0;
}
+ if(!strcmp("http.customrequest", var))
+ return git_config_string(&http_custom_request, var, value);
+
/* Fall back on the default ones */
return git_default_config(var, value, cb);
}
@@ -1099,6 +1103,7 @@ void http_init(struct remote *remote, const char *url, int proactive_auth)
starts_with(url, "https://"))
ssl_cert_password_required = 1;
}
+ set_from_env(&http_custom_request, "CURLOPT_CUSTOMREQUEST");
curl_default = get_curl_handle();
}
@@ -1212,7 +1217,7 @@ struct active_request_slot *get_active_slot(void)
curl_easy_setopt(slot->curl, CURLOPT_COOKIEJAR, curl_cookie_file);
curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, pragma_header);
curl_easy_setopt(slot->curl, CURLOPT_ERRORBUFFER, curl_errorstr);
- curl_easy_setopt(slot->curl, CURLOPT_CUSTOMREQUEST, NULL);
+ curl_easy_setopt(slot->curl, CURLOPT_CUSTOMREQUEST, http_custom_request);
curl_easy_setopt(slot->curl, CURLOPT_READFUNCTION, NULL);
curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, NULL);
curl_easy_setopt(slot->curl, CURLOPT_POSTFIELDS, NULL);
base-commit: 6cd33dceed60949e2dbc32e3f0f5e67c4c882e1e
--
gitgitgadget
next prev parent reply other threads:[~2022-04-26 15:57 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-26 11:01 [PATCH] Added Curl Option to Override Request Method Drew Green via GitGitGadget
2022-04-26 15:57 ` Drew Green via GitGitGadget [this message]
2022-04-26 21:28 ` [PATCH v2] Added Curl Option to Override Request Method v2 brian m. carlson
2022-04-26 23:34 ` Drew Green
2022-04-27 0:49 ` brian m. carlson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=pull.1225.v2.git.1650988659280.gitgitgadget@gmail.com \
--to=gitgitgadget@gmail.com \
--cc=agreenbhm@gmail.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).