From 8f2c8aa3b2c15e0b7c91291e5732334ff8cc54df Mon Sep 17 00:00:00 2001
From: Stanislaw Adaszewski <s.adaszewski@gmail.com>
Date: Sat, 2 May 2020 23:57:40 +0200
Subject: [PATCH] Extra limits on settings in forked repos.

---
 example/gitea-disable/files/nginx.conf | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/example/gitea-disable/files/nginx.conf b/example/gitea-disable/files/nginx.conf
index 0d6a92a..35b0abe 100644
--- a/example/gitea-disable/files/nginx.conf
+++ b/example/gitea-disable/files/nginx.conf
@@ -12,15 +12,25 @@ http {
     listen 80;
 
     location / {
+      error_page 403 /403.html;
+
       rewrite ^/admin1/ $uri break;
       if ($uri ~ ^/([^/]*)/([^/]*)/(wiki|releases|issues)) {
         return 403;
       }
+      rewrite ^/([^/]*)/([^/]*)/settings/(collaboration|branches) $uri break;
+      if ($uri ~ ^/([^/]*)/([^/]*)/settings) {
+        set $test "settings";
+      }
+      if ($request_method = "POST") {
+        set $test "${test}_post";
+      }
+      if ($test = "settings_post") {
+        return 403;
+      }
 
       root /usr/local/share/gitea/public;
 
-      error_page 403 /403.html;
-
       proxy_pass http://localhost:3000/;
     }
   }