Gitea attempts to replace Accept header for LFS requests #6960
Comments
This was referenced May 15, 2019
|
I've reported same issue to lfs-test-server: git-lfs/lfs-test-server#85 |
This was referenced May 16, 2019
zeripath
added a commit
to zeripath/gitea
that referenced
this issue
May 20, 2019
slonopotamus
added a commit
to slonopotamus/gitea
that referenced
this issue
May 22, 2019
Fixes go-gitea#6960 According to [spec][1], /verify requests must have `Accept: application/vnd.git-lfs+json` Previous code works because `git-lfs` also [violates spec and doesn't send any Accept header at all][2] For other clients that DO set `Accept: application/vnd.git-lfs+json`, addition of `Accept: application/vnd.git-lfs` either forces them to violate the spec or is ignored, depending on order in what they create header list. [1]: https://github.com/git-lfs/git-lfs/blob/master/docs/api/basic-transfers.md#verification [2]: git-lfs/git-lfs#3662
zeripath
pushed a commit
that referenced
this issue
May 24, 2019
Fixes #6960 According to [spec][1], /verify requests must have `Accept: application/vnd.git-lfs+json` Previous code works because `git-lfs` also [violates spec and doesn't send any Accept header at all][2] For other clients that DO set `Accept: application/vnd.git-lfs+json`, addition of `Accept: application/vnd.git-lfs` either forces them to violate the spec or is ignored, depending on order in what they create header list. [1]: https://github.com/git-lfs/git-lfs/blob/master/docs/api/basic-transfers.md#verification [2]: git-lfs/git-lfs#3662
jeffliu27
pushed a commit
to jeffliu27/gitea
that referenced
this issue
Jul 18, 2019
Fixes go-gitea#6960 According to [spec][1], /verify requests must have `Accept: application/vnd.git-lfs+json` Previous code works because `git-lfs` also [violates spec and doesn't send any Accept header at all][2] For other clients that DO set `Accept: application/vnd.git-lfs+json`, addition of `Accept: application/vnd.git-lfs` either forces them to violate the spec or is ignored, depending on order in what they create header list. [1]: https://github.com/git-lfs/git-lfs/blob/master/docs/api/basic-transfers.md#verification [2]: git-lfs/git-lfs#3662
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
master[x]): doesn't matterDescription
When Gitea gives LFS client links for objects verification/download, it tells client to use "Accept: application/vnd.git-lfs" HTTP header. However, LFS specification clearly states that client sends
Accept: application/vnd.git-lfs+json. So, you're effectively forcing client into violation of LFS spec. While this happens to work withgit-lfsthat silently uses your Accept header instead of one from spec, things go much worse with different LFS client.git-lfs-javainstead appends your Accept header so ends up with two Accept headers. But Gitea/verifyhandler only checks the first one, so rejectsgit-lfs-javarequests.I added a workaround to
git-lfs-javaso it can work with Gitea, though still believe you should fix stuff on Gitea side.Here's an unfinished attempt to fix Gitea code by complete elimination of nonstandard "Accept: application/vnd.git-lfs" (such thing exists only in Gitea, it is NOT part of Git-LFS specification!), though it doesn't fully pass tests. Given that my Go skills are almost none, I hope you will fix this.
The text was updated successfully, but these errors were encountered: