mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

webapp: Explicitly avoid checking for auth in static subsite requests.

Browse source 
Yesod didn't used to do auth checks for that, but this may have changed.
I don't have a way to reproduce the reported problem yet, but this change
certianly won't hurt anything.

This commit was sponsored by Thom May on Patreon.
This commit is contained in:
Joey Hess 2016-11-10 13:48:54 -04:00
parent 6bcddd244e
commit 4643470537
No known key found for this signature in database
GPG key ID: C910D9222512E3C7
4 changed files with 36 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

16
doc/bugs/Webapp_missing_CSS_and_JS_resources___40__401_Unauthorized__41__/comment_2_20e774c16d6978e0a1137a1e406da244._comment Normal file
View file

@ -0,0 +1,16 @@
[[!comment format=mdwn
username="joey"
subject="""comment 2"""
date="2016-11-10T17:30:57Z"
content="""
I don't reproduce the problem here. From where did you install git-annex?
This seems likely to have something to do with the version of yesod it was
built against.
No session cookie is used; the auth token is not supposed to be needed when
accessing urls under `/static/`. Looking at the code, this was not done
explicitly; it seems to have relied on yesod not checking for authorization
for static site parts. I've committed a change, to explicitly skip auth for
`/static/` but without being able to reproduce the problem, can't test it.
"""]]