git-http-backend

git-http-backend [--help] [--batch=<batch-size>] [--advertise-refs[=<path>]] [--stateless-rpc] [--strict]

--help
    Display short usage message and exit.

--batch=<batch-size>
    Limit number of concurrent client requests to batch size (default unlimited).

--advertise-refs[=<path>]
    Advertise refs of the repository at given path (default from PATH_INFO).

--stateless-rpc
    Quit after a single request/response cycle (stateless mode).

--strict
    Enable stricter request parsing and exit on errors.

The git-http-backend is a lightweight CGI program designed to enable HTTP/HTTPS access to Git repositories using the smart HTTP transport protocol. It serves as the backend for web servers like Apache or nginx, handling Git commands such as git-upload-pack and git-receive-pack over HTTP.

When invoked via CGI, it reads requests from standard input (stdin) in a custom protocol format and writes responses to standard output (stdout). This allows bidirectional communication for fetching and pushing changes without needing SSH or Git daemon. It supports both stateful and stateless RPC modes, making it suitable for high-traffic setups.

Key features include advertising available refs, batch processing for efficiency, and strict mode for enhanced security. Web servers map URLs like /repo.git/git-upload-pack to invoke the backend, parsing the repository path from CGI variables like PATH_INFO. It integrates with Git's authorization hooks and environment variables for access control, such as requiring HTTP authentication or Git config settings like http.receivepack.

Primarily used in hosting services like GitHub or GitLab for public/private repo access, it requires careful configuration to avoid exposing sensitive data.

Exposes Git repos publicly if misconfigured; requires web server auth (e.g., Basic HTTP) or Git config like uploadpack.allowAnySHA1InWant=false. Not for dumb HTTP (use git-http-fetch). Runs with web server privileges, so secure repo permissions essential. Large payloads may hit CGI limits.

Relies on CGI vars: PATH_INFO (repo path), QUERY_STRING (service like 'git-upload-pack'), REMOTE_USER (auth), GIT_COMMITTER_NAME/EMAIL (push metadata).

Use git config http.receivepack true to enable pushes. gitweb or cgit for browsing alongside.

Introduced in Git 1.6.6 (2009) for bidirectional smart HTTP support, evolving from unidirectional 'dumb' HTTP in Git 1.5.3. Enhanced with stateless-rpc in 1.7.0 for scalability. Widely used since Git 2.x for hosting platforms.

git(1), git-upload-pack(1), git-receive-pack(1), gitweb(1)