Page MenuHomePhorge
Files F117748832

D3704.1775178842.diff
No OneTemporary
Actions

Authored By
Unknown
Size
1 KB
Referenced Files
None
Subscribers
None

D3704.1775178842.diff
View Options

diff --git a/src/app/Http/Controllers/API/V4/NGINXController.php b/src/app/Http/Controllers/API/V4/NGINXController.php
--- a/src/app/Http/Controllers/API/V4/NGINXController.php
+++ b/src/app/Http/Controllers/API/V4/NGINXController.php
@@ -125,6 +125,11 @@
$username = $this->normalizeUsername($request->headers->get('Php-Auth-User', ""));
$password = $request->headers->get('Php-Auth-Pw', null);
+ if (empty($username)) {
+ //Allow unauthenticated requests
+ return response("");
+ }
+
if (empty($password)) {
\Log::debug("Authentication attempt failed: Empty password provided.");
return response("", 401);
diff --git a/src/tests/Feature/Controller/NGINXTest.php b/src/tests/Feature/Controller/NGINXTest.php
--- a/src/tests/Feature/Controller/NGINXTest.php
+++ b/src/tests/Feature/Controller/NGINXTest.php
@@ -210,7 +210,7 @@
$john = $this->getTestUser('john@kolab.org');
$response = $this->get("api/webhooks/nginx-httpauth");
- $response->assertStatus(401);
+ $response->assertStatus(200);
$pass = \App\Utils::generatePassphrase();
$headers = [
@@ -248,7 +248,7 @@
$modifiedHeaders = $headers;
$modifiedHeaders['Php-Auth-User'] = "";
$response = $this->withHeaders($modifiedHeaders)->get("api/webhooks/nginx-httpauth");
- $response->assertStatus(403);
+ $response->assertStatus(200);
// Invalid User
$modifiedHeaders = $headers;

File Metadata

Mime Type
text/plain
Expires
Fri, Apr 3, 1:14 AM (1 d, 22 h ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
18821867
Default Alt Text
D3704.1775178842.diff (1 KB)

Event Timeline