mirrors/etherpad-lite
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-04-26 10:26:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 17

fix(frontend): permit static resources for access

Browse source
This commit is contained in:
SamTV1998 2025-04-05 16:18:18 +02:00
parent 9276a001d8
commit b6b6eb528e
1 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/node/hooks/express/webaccess.ts
View file

@ -49,8 +49,20 @@ exports.userCanModify = (padId: string, req: SocketClientRequest) => {
// Exported so that tests can set this to 0 to avoid unnecessary test slowness.
exports.authnFailureDelayMs = 1000;
const staticResources = [
/^\/padbootstrap-[a-zA-Z0-9]+\.min\.js$/,
/^\/manifest.json$/
]
const checkAccess = async (req:any, res:any, next: Function) => {
const requireAdmin = req.path.toLowerCase().startsWith('/admin-auth');
for (const staticResource of staticResources) {
if (req.path.match(staticResource)) {
console.log(`Loading [${staticResource}] ${req.path}`);
return next()
}
}
// ///////////////////////////////////////////////////////////////////////////////////////////////
// Step 1: Check the preAuthorize hook for early permit/deny (permit is only allowed for non-admin