From 9e0a3fd6b9130f1a35bae657b2f9c4026899d4c9 Mon Sep 17 00:00:00 2001 From: Aevann Date: Fri, 30 Dec 2022 16:39:34 +0200 Subject: [PATCH] reduce commit hash from 12 chars to 7 --- files/routes/front.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/files/routes/front.py b/files/routes/front.py index 3eeabe5e7c..1d36c2d47b 100644 --- a/files/routes/front.py +++ b/files/routes/front.py @@ -11,7 +11,6 @@ from files.routes.wrappers import * from files.__main__ import app, cache, limiter def git_head(): - short_len = 12 # Note: doing zero sanitization. Git branch names are extremely permissive. # However, they forbid '..', so I don't see an obvious dir traversal attack. # Also, a malicious branch name would mean someone already owned the server @@ -21,7 +20,7 @@ def git_head(): head_txt = head_f.read() head_path = git_regex.match(head_txt).group(1) with open('.git/' + head_path, encoding='utf_8') as ref_f: - gitref = ref_f.read()[0:short_len] + gitref = ref_f.read()[:7] except: return '', '' return (gitref, head_txt)