On Mon, Apr 25, 2016 at 6:13 AM, Johannes Schindelin <johannes.schindelin@xxxxxx> wrote: > To make communication for `git fetch`, `git ls-remote` and friends extra > secure, we introduce a way to send custom HTTP headers with all > requests. Hmm. Its not Apr 1 2016. So I guess you are serious. :) > This allows us, for example, to send an extra token that the server > tests for. The server could use this token e.g. to ensure that only > certain operations or refs are allowed, or allow the token to be used > only once. > > This feature can be used like this: > > git -c http.extraheader='Secret: sssh!' fetch $URL $REF Its not very secure to be adding secure data to the command line, e.g. on Linux you can see that data in /proc. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html