open-source-mirrors
/
ass
mirror of https://github.com/tycrek/ass
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fixed 500 instead of 401 when auth header missing

Browse Source
pull/20/head
tycrek 4 years ago
parent 4628524534
commit 8add5f7ecd
No known key found for this signature in database
GPG Key ID: 25D74F3943625263
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File

1
ass.js
Unescape View File

@ -106,6 +106,7 @@ function startup() {
// Block unauthorized requests and attempt token sanitization // Block unauthorized requests and attempt token sanitization
app.post('/', (req, res, next) => { app.post('/', (req, res, next) => {
req.headers.authorization = req.headers.authorization || '';
req.token = req.headers.authorization.replace(/[^\da-z]/gi, ''); // Strip anything that isn't a digit or ASCII letter req.token = req.headers.authorization.replace(/[^\da-z]/gi, ''); // Strip anything that isn't a digit or ASCII letter
!verify(req, users) ? res.sendStatus(CODE_UNAUTHORIZED) : next(); // skipcq: JS-0093 !verify(req, users) ? res.sendStatus(CODE_UNAUTHORIZED) : next(); // skipcq: JS-0093
}); });

Write Preview
Loading…
Cancel
Save