From mboxrd@z Thu Jan  1 00:00:00 1970
From: john at keeping.me.uk (John Keeping)
Date: Sat, 31 Mar 2018 15:26:37 +0100
Subject: [PATCH] ui-snapshot: filter permitted snapshot requests
Message-ID: <66c88a8568953804251dfbe50df01e03e2b202c9.1522506359.git.john@keeping.me.uk>

Currently the snapshots configuration option only filters which links
are displayed, not which snapshots may be generated and downloaded.
Apply the filter to requests as well to ensure that the system policy is
enforced.

Signed-off-by: John Keeping <john at keeping.me.uk>
---
 ui-snapshot.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ui-snapshot.c b/ui-snapshot.c
index b2d95f7..077771a 100644
--- a/ui-snapshot.c
+++ b/ui-snapshot.c
@@ -193,7 +193,7 @@ void cgit_print_snapshot(const char *head, const char *hex,
 	}
 
 	f = get_format(filename);
-	if (!f) {
+	if (!f || !(ctx.repo->snapshots & f->bit)) {
 		cgit_print_error_page(400, "Bad request",
 				"Unsupported snapshot format: %s", filename);
 		return;
-- 
2.16.3