mirror of
https://github.com/Tecnativa/docker-socket-proxy
synced 2024-12-22 14:48:08 +00:00
Fix backwards compatibility code
The original code will not allow write access (set via the POST var) to endpoints to which read access is not provided. Before this fix, verify_access would allow write-only access to all endpoints if the POST var was set regardless of read access.
This commit is contained in:
parent
eb128120ed
commit
7275202d5e
@ -2,7 +2,7 @@ core.register_fetches("verify_access", function(txn, api)
|
||||
-- env(api) check is kept for backwards compatibility
|
||||
local read_allowed = txn.f:env(api) == "1" or txn.f:env(api .. "_READ") == "1"
|
||||
-- env(POST) check is kept for backwards compatibility
|
||||
local write_allowed = txn.f:env(api .. "_WRITE") == "1" or txn.f:env("POST") == "1"
|
||||
local write_allowed = txn.f:env(api .. "_WRITE") == "1" or (read_allowed and txn.f:env("POST") == "1")
|
||||
local method = txn.f:method()
|
||||
|
||||
local result = ((method == "GET" or method == "HEAD") and read_allowed)
|
||||
|
Loading…
Reference in New Issue
Block a user