From 362ef454b811802a5e170835756ba158a393aa06 Mon Sep 17 00:00:00 2001 From: Jordan Hollinger Date: Fri, 13 Apr 2012 05:17:48 -0400 Subject: Don't block static paths with http auth --- src/node/hooks/express/webaccess.js | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'src/node') diff --git a/src/node/hooks/express/webaccess.js b/src/node/hooks/express/webaccess.js index d0e28737..48b5edae 100644 --- a/src/node/hooks/express/webaccess.js +++ b/src/node/hooks/express/webaccess.js @@ -28,6 +28,11 @@ exports.basicAuth = function (req, res, next) { return next(); } } + // Do not require auth for static paths...this could be a bit brittle + else if (req.path.match(/^\/(static|javascripts|pluginfw)/)) { + return next(); + } + // Otherwise return Auth required Headers, delayed for 1 second, if auth failed. res.header('WWW-Authenticate', 'Basic realm="Protected Area"'); -- cgit v1.2.3