I suggest you ...

Configure preferred repository access protocols with enable/disable options

It would be really nice to disable HTTP repository url. In my instance I only use the SSH one so the HTTP one presents dummy url starting with http://localhost/

269 votes
Sign in
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    SpOoN BYO shared this idea  ·   ·  Admin →


    Sign in
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      • Jonathan commented  · 

        Just to add my two cents:
        I want to allow ssh and https cloning, but NOT http cloning. I think the reasons should be obvious-- if I offer https and I'm not getting enormous (i.e., costly) traffic, there is no good reason to allow my users to download the code over an insecure connection. Even in a case where a user only wants to read the code, the small speed benefit doesn't outweigh the risks. I don't want it to be an option, and if it's not then I don't even need to care about the risks.

        I'm getting an impression that people are using the term "http" as a shorthand for "http and https"-- that's why I wanted to comment.


      • Accounting Programmer commented  · 

        http://tasaheelteeba.com/?p=68 شركة تنظيف منازل بالمدينة المنورة
        http://tasaheelteeba.com/?p=46 شركة مكافحة حشرات بالمدينة المنورة
        http://tasaheelteeba.com/?p=41 شركة كشف تسربات بالمدينة المنورة
        http://tasaheelteeba.com/?p=38 شركة تنظيف كنب بالمدينة المنورة
        http://tasaheelteeba.com/?p=21 شركة تنظيف وغسيل الخزانات بالمدينة المنورة
        http://tasaheelteeba.com/?p=8 شركة نقل العفش بالمدينة المنورة
        http://tasaheelteeba.com/?p=192 شراء الاثاث المستعمل بالمدينة المنورة
        http://tasaheelteeba.com/?p=99 شراء اثاث مستعمل بالمدينة المنورة
        http://tasaheelteeba.com/?p=215 شركة غسيل كنب بالمدينة المنورة
        http://tasaheelteeba.com/?p=225 شركة عزل خزانات بالمدينة المنورة

      • s7v7nislands commented  · 

        where to post? github,or gitlab, or here?

      • 123Haynes commented  · 

        Is someone still activly working on this?

      • zzjin commented  · 

        may be an alternative solution is to have one "per project" setting witch can set each project can clone via ssh or not.
        when one project is "public" there is no such config. and can only clone|push via http(s)

      • Sullivan SENECHAL commented  · 

        So you continue you PR ? In this case no necessary to continue mine. ;)

        1) Good question for public repositories... Technically it would deactivate git clone at all, not very useful but not a problem if public repos are not used...

        2) Yeah I was going on the same way. Disable views and, at least, services. But I don't well know where to do this...

        The best is to try a PR with yours propositions and start a discussion directly with the collaborators! ;)

      • Philipp Häfele commented  · 

        @Sullivan I will use your refs and the extra text if both are disabled. Like the keys tab on profile settings and the default_clone_protocol and address.

        Do you have any suggestions for my 2 questions?

      • Philipp Häfele commented  · 

        I'm just trying to implement this options but i have some questions. First of all what should happen to the clone panel on public repositories if http is disabled!?

        Should we hide it because if you can't login, you can't add your key and ergo can't clone it.

        Other question is related to the question from "Sullivan SENECHAL". Before i have to review the whole code it would be nice to get some hints where to disable the services and ssh keys of profile.

        At first I'm going to hide the views and later disable the services.

      • Sullivan SENECHAL commented  · 

        I think if http or ssh disable, that must desactivate the service, not only the showed link, I'm right ?

      • Toms Seisums commented  · 

        Yeah, this would be great. Ultimately, it'd be nice if we could have something like Apache's "allow/deny" functionality, so we could enable/disable hosts that can do either of clones.

        I'm using some tools that work with these repositories, and I have these tools on the same host as GitLab. So, adding localhost to the allow list and deny everything else would be wonderful!

      • Ben Bodenmiller commented  · 

        I think there should be a third option that allows a user to specific the preferred option without disabling the others. For example if I have HTTP set as prefer I would expect that address to show up on the project page first.

      • Philipp Häfele commented  · 

        Is there anybody working in this feature, because i would try to implement this options?

      • rtrauntvein commented  · 

        Would be great to be able to disable SSH and HTTP git methods independently. Seems like there are use cases for people using only one or the other...or both.

      • Anonymous commented  · 

        Possibility to disable GLOBALLY HTTPS/HTTPS pull/push,... achieve only SSH data access via rsa key.

      ← Previous 1

      Feedback and Knowledge Base