Browse Source

WebAPI: return correct status

Fix web API returning Not Found instead of Forbidden.

When not having a session the API would return "Not Found" instead of "Forbidden" when trying to access a non-public endpoint.

PR #16866.
adaptive-webui-19844
Requi 3 years ago committed by GitHub
parent
commit
669b67e666
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 6
      src/webui/webapplication.cpp

6
src/webui/webapplication.cpp

@ -252,6 +252,9 @@ void WebApplication::doProcessRequest()
const QString action = match.captured(u"action"_qs); const QString action = match.captured(u"action"_qs);
const QString scope = match.captured(u"scope"_qs); const QString scope = match.captured(u"scope"_qs);
if (!session() && !isPublicAPI(scope, action))
throw ForbiddenHTTPError();
APIController *controller = nullptr; APIController *controller = nullptr;
if (session()) if (session())
controller = session()->getAPIController(scope); controller = session()->getAPIController(scope);
@ -263,9 +266,6 @@ void WebApplication::doProcessRequest()
throw NotFoundHTTPError(); throw NotFoundHTTPError();
} }
if (!session() && !isPublicAPI(scope, action))
throw ForbiddenHTTPError();
DataMap data; DataMap data;
for (const Http::UploadedFile &torrent : request().files) for (const Http::UploadedFile &torrent : request().files)
data[torrent.filename] = torrent.data; data[torrent.filename] = torrent.data;

Loading…
Cancel
Save