vriska/hydra
0
0
Fork 0
forked from lix-project/hydra
Code Pull requests Activity

Make /api/push-github public for private Hydra instances. This makes it possible to use webhooks to trigger evaluations for private Hydra instances.

Browse source
This commit is contained in:
Rob Vermaas 2018-06-14 17:22:35 +02:00
parent cff52ab151
commit 879333fd3c
No known key found for this signature in database
GPG key ID: 6B726FB2EE6F4255
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/lib/Hydra/Controller/Root.pm
View file

@ -26,6 +26,7 @@ sub noLoginNeeded {
my $whitelisted = any { $_ eq $hostname } split(/,/, $readonly_ips); my $whitelisted = any { $_ eq $hostname } split(/,/, $readonly_ips);
return $whitelisted || return $whitelisted ||
$c->request->path eq "api/push-github" ||
$c->request->path eq "google-login" || $c->request->path eq "google-login" ||
$c->request->path eq "login" || $c->request->path eq "login" ||
$c->request->path eq "logo" || $c->request->path eq "logo" ||
@ -69,7 +70,7 @@ sub begin :Private {
$_->supportedInputTypes($c->stash->{inputTypes}) foreach @{$c->hydra_plugins}; $_->supportedInputTypes($c->stash->{inputTypes}) foreach @{$c->hydra_plugins};
# XSRF protection: require POST requests to have the same origin. # XSRF protection: require POST requests to have the same origin.
if ($c->req->method eq "POST") { if ($c->req->method eq "POST" && $c->req->path ne "api/push-github") {
my $referer = $c->req->header('Origin'); my $referer = $c->req->header('Origin');
$referer //= $c->req->header('Referer'); $referer //= $c->req->header('Referer');
my $base = $c->req->base; my $base = $c->req->base;