Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ignore authentication header on status.php #2188

Merged
merged 2 commits into from
Jun 16, 2021
Merged

Conversation

wkloucek
Copy link
Contributor

Description

/status.php is expected not to be authentication protected. This is currently true if you don't sent the authorization header. If you send an invalid or expired authorization header you will get an 401 unauthorized - so it is not really an unauthenticated endpoint. This PR adds the /status.php to the dirty ignore list which is already there because of /konnect/v1/userinfo.

Related Issue

@update-docs
Copy link

update-docs bot commented Jun 16, 2021

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

@wkloucek wkloucek requested review from C0rby, refs and micbar June 16, 2021 16:33
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

100.0% 100.0% Coverage
0.0% 0.0% Duplication

@micbar micbar merged commit 189d148 into master Jun 16, 2021
@delete-merged-branch delete-merged-branch bot deleted the ignore_auth_on_status_php branch June 16, 2021 19:15
ownclouders pushed a commit that referenced this pull request Jun 16, 2021
Merge: 36971ea 93b60b1
Author: Michael Barz <[email protected]>
Date:   Wed Jun 16 21:15:42 2021 +0200

    Merge pull request #2188 from owncloud/ignore_auth_on_status_php

    ignore authentication header on status.php
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Sync is sometimes not working with oCIS and working again after restart
2 participants