From 072bbe1b223c6f6c7a80ee86e00a41e15913b4ee Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 20 Jul 2011 15:50:54 -0400
Subject: [PATCH] Updated to Jetty 7.4.4

---
 src/com/gitblit/wicket/pages/EditRepositoryPage.java |   27 +++++++++++++++++++++------
 1 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/src/com/gitblit/wicket/pages/EditRepositoryPage.java b/src/com/gitblit/wicket/pages/EditRepositoryPage.java
index 2b5cb99..af9358e 100644
--- a/src/com/gitblit/wicket/pages/EditRepositoryPage.java
+++ b/src/com/gitblit/wicket/pages/EditRepositoryPage.java
@@ -19,7 +19,6 @@
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
-import java.util.Date;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
@@ -40,12 +39,11 @@
 import com.gitblit.GitBlit;
 import com.gitblit.GitBlitException;
 import com.gitblit.Keys;
+import com.gitblit.models.RepositoryModel;
+import com.gitblit.models.UserModel;
 import com.gitblit.utils.StringUtils;
-import com.gitblit.wicket.BasePage;
 import com.gitblit.wicket.GitBlitWebSession;
 import com.gitblit.wicket.WicketUtils;
-import com.gitblit.wicket.models.RepositoryModel;
-import com.gitblit.wicket.models.UserModel;
 
 public class EditRepositoryPage extends BasePage {
 
@@ -57,7 +55,7 @@
 		// create constructor
 		super();
 		isCreate = true;
-		setupPage(new RepositoryModel("", "", "", new Date()));
+		setupPage(new RepositoryModel());
 	}
 
 	public EditRepositoryPage(PageParameters params) {
@@ -105,6 +103,22 @@
 
 					// automatically convert backslashes to forward slashes
 					repositoryModel.name = repositoryModel.name.replace('\\', '/');
+					// Automatically replace // with /
+					repositoryModel.name = repositoryModel.name.replace("//", "/");
+
+					// prohibit folder paths
+					if (repositoryModel.name.startsWith("/")) {
+						error("Leading root folder references (/) are prohibited.");
+						return;
+					}
+					if (repositoryModel.name.startsWith("../")) {
+						error("Relative folder references (../) are prohibited.");
+						return;
+					}
+					if (repositoryModel.name.contains("/../")) {
+						error("Relative folder references (../) are prohibited.");
+						return;
+					}
 
 					// confirm valid characters in repository name
 					char[] validChars = { '/', '.', '_', '-' };
@@ -129,7 +143,7 @@
 					}
 
 					// save the repository
-					GitBlit.self().editRepositoryModel(oldName, repositoryModel, isCreate);
+					GitBlit.self().updateRepositoryModel(oldName, repositoryModel, isCreate);
 
 					// save the repository access list
 					if (repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE)) {
@@ -165,6 +179,7 @@
 		form.add(new CheckBox("useTickets"));
 		form.add(new CheckBox("useDocs"));
 		form.add(new CheckBox("showRemoteBranches"));
+		form.add(new CheckBox("showReadme"));
 		form.add(usersPalette);
 
 		add(form);

--
Gitblit v1.9.1