On the Gitweb site, links that end with /HEAD (for example menu links after
selecting 'tree' on the front page) are mistakenly redirected
to the git-http-backend cgi script and an empty page is shown to the user.
Modified Apache2 ScriptAliasMatch regex so that git-http-backend services get
redirected only if they immediately follow repository's name path component.
Links on Gitweb site have additional action component before /HEAD and those
will be handled by the gitweb cgi script.
The relevant git-http-backend source:
https://repo.or.cz/git/debian.git/blob/refs/tags/v2.20.1:/http-backend.c#l706
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
When using git-http-backend, both URLs ending with and without .git are allowed.
However, access restriction has only be applied for URLs ending with .git. This
means that private git repositories are clone-able by anonymous users by
removing the .git suffix in the URLs.
Fix the issue by extending the access restriction to cover URLs not ending with
.git.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
