TRKJ/gitea
2
0
Fork 0
mirror of https://gitee.com/gitea/gitea synced 2025-11-04 00:20:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

Use Req.URL.RequestURI() to cope with FCGI urls (#9473)

Browse Source 
* Use Req.URL.RequestURI() to cope with FCGI urls

* Add debug logging statement when forbidden in internal API.
This commit is contained in:
zeripath
2019-12-24 00:11:12 +00:00
committed by GitHub
parent 546523a57c
commit 017f314b5a
8 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
routers/private/internal.go
View File

@@ -9,6 +9,7 @@ import (
"strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"gitea.com/macaron/macaron"
@@ -19,6 +20,7 @@ func CheckInternalToken(ctx *macaron.Context) {
tokens := ctx.Req.Header.Get("Authorization")
fields := strings.Fields(tokens)
if len(fields) != 2 || fields[0] != "Bearer" || fields[1] != setting.InternalToken {
log.Debug("Forbidden attempt to access internal url: Authorization header: %s", tokens)
ctx.Error(403)
}
}