YunoHost/SSOwat
1
0
Fork 0
mirror of https://github.com/YunoHost/SSOwat.git synced 2024-09-03 20:06:27 +02:00
Code Issues Projects Releases Packages Wiki Activity

Fix ynhpanel.js access in unprotected case

Browse source
This commit is contained in:
Josué Tille 2019-02-07 11:19:43 +01:00
parent cb6a827157
commit e979eb4f65
No known key found for this signature in database
GPG key ID: D5E068C6DFA8681D
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
access.lua
View file

@ -348,6 +348,11 @@ if conf["unprotected_urls"] then
and not is_protected() then and not is_protected() then
if hlp.is_logged_in() then if hlp.is_logged_in() then
hlp.set_headers() hlp.set_headers()
elseif string.match(ngx.var.uri, "^/ynhpanel.js$")
or string.match(ngx.var.uri, "^/ynhpanel.css$")
or string.match(ngx.var.uri, "^/ynhpanel.json$") then
local back_url = "https://" .. ngx.var.host .. ngx.var.uri .. hlp.uri_args_string()
return hlp.redirect(conf.portal_url.."?r="..ngx.encode_base64(back_url))
end end
return hlp.pass() return hlp.pass()
end end
@ -361,6 +366,11 @@ if conf["unprotected_regex"] then
and not is_protected() then and not is_protected() then
if hlp.is_logged_in() then if hlp.is_logged_in() then
hlp.set_headers() hlp.set_headers()
elseif string.match(ngx.var.uri, "^/ynhpanel.js$")
or string.match(ngx.var.uri, "^/ynhpanel.css$")
or string.match(ngx.var.uri, "^/ynhpanel.json$") then
local back_url = "https://" .. ngx.var.host .. ngx.var.uri .. hlp.uri_args_string()
return hlp.redirect(conf.portal_url.."?r="..ngx.encode_base64(back_url))
end end
return hlp.pass() return hlp.pass()
end end