mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

better exceptions to annex.security.allow-unverified-downloads

Browse source
This commit is contained in:
Ilya_Shlyakhter 2018-09-19 15:49:57 +00:00 committed by admin
parent 4528bbab43
commit ea51ac3f59
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
doc/todo/better_exceptions_to_annex.security.allow-unverified-downloads.mdwn Normal file
View file

@ -0,0 +1,5 @@
"Downloading unverified content from (non-encrypted) external special remotes is prevented, because they could follow http redirects to web servers on localhost or on a private network, or in some cases to a file:/// url" -- it's be good if an exception to this could be configured for a given type of external special remote, and/or for specific special remotes.
Sometimes I _know_ that a given external special remote doesn't do redirects, or that a given special remote repository won't have bad URLs. Remembering to do
git -c annex.security.allow-unverified-downloads=ACKTHPPT annex get myfile
every time is another thing to think about, when the whole point of git-annex is to not have to think about where things are :) While configuring
annex.security.allow-unverified-downloads=ACKTHPPT permanently opens security holes.