mirror/qBittorrent
2
0
Fork 0
mirror of https://github.com/qbittorrent/qBittorrent.git synced 2024-12-27 08:19:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

WebAPI: return correct status

Browse Source 
Fix web API returning Not Found instead of Forbidden.

When not having a session the API would return "Not Found" instead of "Forbidden" when trying to access a non-public endpoint.

PR #16866.
This commit is contained in:
Requi 2022-04-14 07:26:19 +02:00 committed by GitHub
parent a2b85ba1fd
commit 669b67e666
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/webui/webapplication.cpp
View File

@ -252,6 +252,9 @@ void WebApplication::doProcessRequest()
const QString action = match.captured(u"action"_qs); const QString action = match.captured(u"action"_qs);
const QString scope = match.captured(u"scope"_qs); const QString scope = match.captured(u"scope"_qs);
if (!session() && !isPublicAPI(scope, action))
throw ForbiddenHTTPError();
APIController *controller = nullptr; APIController *controller = nullptr;
if (session()) if (session())
controller = session()->getAPIController(scope); controller = session()->getAPIController(scope);
@ -263,9 +266,6 @@ void WebApplication::doProcessRequest()
throw NotFoundHTTPError(); throw NotFoundHTTPError();
} }
if (!session() && !isPublicAPI(scope, action))
throw ForbiddenHTTPError();
DataMap data; DataMap data;
for (const Http::UploadedFile &torrent : request().files) for (const Http::UploadedFile &torrent : request().files)
data[torrent.filename] = torrent.data; data[torrent.filename] = torrent.data;