Always let access to the metadata endpoint
There is no reason to block it and when blocked it makes automatising the metadata exchange using the WKL difficult.
This commit is contained in:
parent
9b10315fa3
commit
6c9abd363a
|
@ -2989,6 +2989,16 @@ int am_check_uid(request_rec *r)
|
|||
{
|
||||
am_cache_entry_t *session;
|
||||
int return_code = HTTP_UNAUTHORIZED;
|
||||
am_dir_cfg_rec *dir = am_get_dir_cfg(r);
|
||||
|
||||
/* Always allow access to [endpoint_path]/metadata
|
||||
*/
|
||||
if (strstr(r->uri, dir->endpoint_path) == r->uri) {
|
||||
char *endpoint = &r->uri[strlen(dir->endpoint_path)];
|
||||
if (strcmp(endpoint, "metadata") == 0) {
|
||||
return OK;
|
||||
}
|
||||
}
|
||||
|
||||
/* check if we are a subrequest. if we are, then just return OK
|
||||
* without any checking since these cannot be injected (heh). */
|
||||
|
|
Loading…
Reference in New Issue