diff options
| author | Joe Mooring <joe.mooring@veriphor.com> | 2024-02-01 05:03:51 -0800 |
|---|---|---|
| committer | Bjørn Erik Pedersen <bjorn.erik.pedersen@gmail.com> | 2024-02-01 15:10:05 +0100 |
| commit | b6def617276c7d5ff2fccf41ec4cfaff5e1d8935 (patch) | |
| tree | a0da47c768af370c2a7c157b3f3a90594f3e612d | |
| parent | 1891d5e6b5575e3abb7e0f80c3fbce1670f9bd5e (diff) | |
config/security: Add SYSTEMDRIVE to OsEnv allowlist
| -rw-r--r-- | config/security/securityConfig.go | 2 | ||||
| -rw-r--r-- | config/security/securityConfig_test.go | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/config/security/securityConfig.go b/config/security/securityConfig.go index e3bffedca..be9e901f1 100644 --- a/config/security/securityConfig.go +++ b/config/security/securityConfig.go @@ -42,7 +42,7 @@ var DefaultConfig = Config{ ), // These have been tested to work with Hugo's external programs // on Windows, Linux and MacOS. - OsEnv: MustNewWhitelist(`(?i)^((HTTPS?|NO)_PROXY|PATH(EXT)?|APPDATA|TE?MP|TERM|GO\w+|(XDG_CONFIG_)?HOME|USERPROFILE|SSH_AUTH_SOCK|DISPLAY|LANG)$`), + OsEnv: MustNewWhitelist(`(?i)^((HTTPS?|NO)_PROXY|PATH(EXT)?|APPDATA|TE?MP|TERM|GO\w+|(XDG_CONFIG_)?HOME|USERPROFILE|SSH_AUTH_SOCK|DISPLAY|LANG|SYSTEMDRIVE)$`), }, Funcs: Funcs{ Getenv: MustNewWhitelist("^HUGO_", "^CI$"), diff --git a/config/security/securityConfig_test.go b/config/security/securityConfig_test.go index 3d58288c9..57e615a48 100644 --- a/config/security/securityConfig_test.go +++ b/config/security/securityConfig_test.go @@ -135,7 +135,7 @@ func TestToTOML(t *testing.T) { got := DefaultConfig.ToTOML() c.Assert(got, qt.Equals, - "[security]\n enableInlineShortcodes = false\n\n [security.exec]\n allow = ['^(dart-)?sass(-embedded)?$', '^go$', '^npx$', '^postcss$']\n osEnv = ['(?i)^((HTTPS?|NO)_PROXY|PATH(EXT)?|APPDATA|TE?MP|TERM|GO\\w+|(XDG_CONFIG_)?HOME|USERPROFILE|SSH_AUTH_SOCK|DISPLAY|LANG)$']\n\n [security.funcs]\n getenv = ['^HUGO_', '^CI$']\n\n [security.http]\n methods = ['(?i)GET|POST']\n urls = ['.*']", + "[security]\n enableInlineShortcodes = false\n\n [security.exec]\n allow = ['^(dart-)?sass(-embedded)?$', '^go$', '^npx$', '^postcss$']\n osEnv = ['(?i)^((HTTPS?|NO)_PROXY|PATH(EXT)?|APPDATA|TE?MP|TERM|GO\\w+|(XDG_CONFIG_)?HOME|USERPROFILE|SSH_AUTH_SOCK|DISPLAY|LANG|SYSTEMDRIVE)$']\n\n [security.funcs]\n getenv = ['^HUGO_', '^CI$']\n\n [security.http]\n methods = ['(?i)GET|POST']\n urls = ['.*']", ) } |