Vote #74060
未完了Accessing a file ressouorce URL should have HTTP 401 header if not logged in
ステータス:
New
優先度:
低め
担当者:
-
カテゴリ:
Accounts / authentication_7
対象バージョン:
-
開始日:
2022/05/09
期日:
進捗率:
0%
予定工数:
Redmineorg_URL:
category_id:
7
version_id:
0
issue_org_id:
14356
author_id:
80872
assigned_to_id:
0
comments:
0
status_id:
1
tracker_id:
2
plus1:
0
affected_version:
closed_on:
affected_version_id:
説明
If I'm logged in to Redmine and have files attached to a ticket or document, I can copy the URL to this file.
If I drop this URL to my browser adress bar, I get an HTTP 200 header and can download the file immediately.
But if I drop this URL to any other program where I not have logged in yet, I receive also a HTTP 200 header.
It would be very nice to recieve a HTTP 401 header, if the request is redirected to the login screen due to no valud user session.
いいね!0