From c47fbc629bec5b4c213ddff24e96c20ed8f4ca74 Mon Sep 17 00:00:00 2001
From: Thibault Meyer <0xbaadf00d@users.noreply.github.com>
Date: Thu, 22 Dec 2016 07:42:04 +0100
Subject: Feature #2583: Disable HTTP cloning (#3667)

* Can disable GIT interactions by HTTP protocol

* rename variable + fix wiki link

* missing space
---
 routers/repo/http.go | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'routers/repo/http.go')

diff --git a/routers/repo/http.go b/routers/repo/http.go
index 80afcec4..65a5d5fa 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -479,6 +479,11 @@ func HTTPBackend(ctx *context.Context, cfg *serviceConfig) http.HandlerFunc {
 		for _, route := range routes {
 			r.URL.Path = strings.ToLower(r.URL.Path) // blue: In case some repo name has upper case name
 			if m := route.reg.FindStringSubmatch(r.URL.Path); m != nil {
+				if setting.Repository.DisableHTTPGit {
+					w.WriteHeader(http.StatusForbidden)
+					w.Write([]byte("Interacting with repositories by HTTP protocol is not allowed"))
+					return
+				}
 				if route.method != r.Method {
 					if r.Proto == "HTTP/1.1" {
 						w.WriteHeader(http.StatusMethodNotAllowed)
-- 
cgit v1.2.3