Merge pull request #158 from YunoHost/dont_set_header_unallowed_users

Don't set header if user don't have access
2024-09-03 20:06:27 +02:00 · 2020-04-01 02:36:58 +02:00 · 2020-04-01 02:36:58 +02:00 · 286eb771a7
commit 286eb771a7
parent 0e2bfacabc ef3d6af9e0
1 changed files with 3 additions and 2 deletions
--- a/access.lua
+++ b/access.lua
@ -320,8 +320,9 @@ if longest_unprotected_match ~= ""
 and string.len(longest_unprotected_match) > string.len(longest_protected_match) then
    if hlp.is_logged_in() then
        serveYnhpanel()
-
-        hlp.set_headers()
+        if hlp.has_access() then
+            hlp.set_headers()
+        end
    end
    logger.debug(ngx.var.uri.." is in unprotected_urls")
    return hlp.pass()