mirror of
https://github.com/octoleo/syncthing.git
synced 2025-01-03 07:12:27 +00:00
parent
c791dba392
commit
7a402409f1
@ -258,6 +258,7 @@ func (s *service) Serve(ctx context.Context) error {
|
|||||||
restMux.HandlerFunc(http.MethodGet, "/rest/folder/pullerrors", s.getFolderErrors) // folder (deprecated)
|
restMux.HandlerFunc(http.MethodGet, "/rest/folder/pullerrors", s.getFolderErrors) // folder (deprecated)
|
||||||
restMux.HandlerFunc(http.MethodGet, "/rest/events", s.getIndexEvents) // [since] [limit] [timeout] [events]
|
restMux.HandlerFunc(http.MethodGet, "/rest/events", s.getIndexEvents) // [since] [limit] [timeout] [events]
|
||||||
restMux.HandlerFunc(http.MethodGet, "/rest/events/disk", s.getDiskEvents) // [since] [limit] [timeout]
|
restMux.HandlerFunc(http.MethodGet, "/rest/events/disk", s.getDiskEvents) // [since] [limit] [timeout]
|
||||||
|
restMux.HandlerFunc(http.MethodGet, "/rest/noauth/health", s.getHealth) // -
|
||||||
restMux.HandlerFunc(http.MethodGet, "/rest/stats/device", s.getDeviceStats) // -
|
restMux.HandlerFunc(http.MethodGet, "/rest/stats/device", s.getDeviceStats) // -
|
||||||
restMux.HandlerFunc(http.MethodGet, "/rest/stats/folder", s.getFolderStats) // -
|
restMux.HandlerFunc(http.MethodGet, "/rest/stats/folder", s.getFolderStats) // -
|
||||||
restMux.HandlerFunc(http.MethodGet, "/rest/svc/deviceid", s.getDeviceID) // id
|
restMux.HandlerFunc(http.MethodGet, "/rest/svc/deviceid", s.getDeviceID) // id
|
||||||
@ -1565,6 +1566,10 @@ func (s *service) postDBPrio(w http.ResponseWriter, r *http.Request) {
|
|||||||
s.getDBNeed(w, r)
|
s.getDBNeed(w, r)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (*service) getHealth(w http.ResponseWriter, _ *http.Request) {
|
||||||
|
sendJSON(w, map[string]string{"status": "OK"})
|
||||||
|
}
|
||||||
|
|
||||||
func (*service) getQR(w http.ResponseWriter, r *http.Request) {
|
func (*service) getQR(w http.ResponseWriter, r *http.Request) {
|
||||||
var qs = r.URL.Query()
|
var qs = r.URL.Query()
|
||||||
var text = qs.Get("text")
|
var text = qs.Get("text")
|
||||||
|
@ -44,6 +44,12 @@ func basicAuthAndSessionMiddleware(cookieName string, guiCfg config.GUIConfigura
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Exception for REST calls that don't require authentication.
|
||||||
|
if strings.HasPrefix(r.URL.Path, "/rest/noauth") {
|
||||||
|
next.ServeHTTP(w, r)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
cookie, err := r.Cookie(cookieName)
|
cookie, err := r.Cookie(cookieName)
|
||||||
if err == nil && cookie != nil {
|
if err == nil && cookie != nil {
|
||||||
sessionsMut.Lock()
|
sessionsMut.Lock()
|
||||||
|
@ -74,6 +74,13 @@ func (m *csrfManager) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if strings.HasPrefix(r.URL.Path, "/rest/noauth") {
|
||||||
|
// REST calls that don't require authentication also do not
|
||||||
|
// need a CSRF token.
|
||||||
|
m.next.ServeHTTP(w, r)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
// Allow requests for anything not under the protected path prefix,
|
// Allow requests for anything not under the protected path prefix,
|
||||||
// and set a CSRF cookie if there isn't already a valid one.
|
// and set a CSRF cookie if there isn't already a valid one.
|
||||||
if !strings.HasPrefix(r.URL.Path, m.prefix) {
|
if !strings.HasPrefix(r.URL.Path, m.prefix) {
|
||||||
|
Loading…
Reference in New Issue
Block a user