kenmirrors/grocy
1
0
Fork 0
mirror of https://github.com/grocy/grocy.git synced 2025-04-29 17:45:39 +00:00
Code Issues Projects Releases Wiki Activity

Don't return anything in the response body when unauthenticated (fixes #696)

Browse Source
This commit is contained in:
Bernd Bestel 2020-04-03 18:22:05 +02:00
parent 11bf89e13a
commit 2778d2ad56
No known key found for this signature in database
GPG Key ID: 71BD34C0D4891300
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
middleware/SessionAuthMiddleware.php
View File

@ -44,7 +44,7 @@ class SessionAuthMiddleware extends BaseMiddleware
if ((!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName])) && $routeName !== 'login') if ((!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName])) && $routeName !== 'login')
{ {
define('GROCY_AUTHENTICATED', false); define('GROCY_AUTHENTICATED', false);
$response = $handler->handle($request); $response = new \Slim\Psr7\Response(); // No content when unauthorized
$response = $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login')); $response = $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));
} }
else else