diff options
| author | Jordan Hollinger <jordan.hollinger@gmail.com> | 2012-04-13 05:17:48 -0400 |
|---|---|---|
| committer | Jordan Hollinger <jordan.hollinger@gmail.com> | 2012-04-13 05:17:48 -0400 |
| commit | 362ef454b811802a5e170835756ba158a393aa06 (patch) | |
| tree | 56bdc72a2b20b241150fa2651395c0825340812b /src/node | |
| parent | 3dd24bdf6f8ef330928c66bde9ed4ddd4dc58f6d (diff) | |
| download | etherpad-lite-362ef454b811802a5e170835756ba158a393aa06.zip | |
Don't block static paths with http auth
Diffstat (limited to 'src/node')
| -rw-r--r-- | src/node/hooks/express/webaccess.js | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/node/hooks/express/webaccess.js b/src/node/hooks/express/webaccess.js index d0e28737..48b5edae 100644 --- a/src/node/hooks/express/webaccess.js +++ b/src/node/hooks/express/webaccess.js @@ -28,6 +28,11 @@ exports.basicAuth = function (req, res, next) { return next(); } } + // Do not require auth for static paths...this could be a bit brittle + else if (req.path.match(/^\/(static|javascripts|pluginfw)/)) { + return next(); + } + // Otherwise return Auth required Headers, delayed for 1 second, if auth failed. res.header('WWW-Authenticate', 'Basic realm="Protected Area"'); |