Jeff King <peff@xxxxxxxx> writes:
> On Thu, Dec 01, 2016 at 11:44:07AM -0800, Brandon Williams wrote:
>
>> Add a the 'redirect' parameter to 'is_transport_allowed' which allows
>> callers to query if a transport protocol can be used on a redirect.
>
> s/a the/a/
>
>> -int is_transport_allowed(const char *type)
>> +int is_transport_allowed(const char *type, int redirect)
>> {
>> const struct string_list *whitelist = protocol_whitelist();
>> if (whitelist)
>> @@ -735,7 +735,7 @@ int is_transport_allowed(const char *type)
>> case PROTOCOL_ALLOW_NEVER:
>> return 0;
>> case PROTOCOL_ALLOW_USER_ONLY:
>> - return git_env_bool("GIT_PROTOCOL_FROM_USER", 1);
>> + return git_env_bool("GIT_PROTOCOL_FROM_USER", !redirect);
>> }
>
> This has the older logic still.
>
> I'm not sure if we should call this "redirect" here. That's how it's
> used by the curl code, but I think from the perspective of the transport
> whitelist, it is really "are you overriding the from_user environment".
>
> Calling it "from_user" may be confusing though, as the default value
> would become "1", even though it means only "as far as I know this is
> from the user, but maybe the environment says otherwise". So bizarrely,
> I think calling it "not_from_user" is the clearest value.
Bikeshedding: perhaps call it "unsafe" (in the sense that it is "not
known to be safe")?