summaryrefslogtreecommitdiffstats
path: root/routers/private
diff options
context:
space:
mode:
authorzeripath <art27@cantab.net>2019-12-24 00:11:12 +0000
committerGitHub <noreply@github.com>2019-12-24 00:11:12 +0000
commit017f314b5a0f930b477efa1c2a5309f8cdd6d3c3 (patch)
treed2e7df096c672520c2a957069829bb9aeb3005bd /routers/private
parent546523a57c0b4393f0732da3db5ad1c8c0d5ec43 (diff)
downloadgitea-017f314b5a0f930b477efa1c2a5309f8cdd6d3c3.tar.gz
gitea-017f314b5a0f930b477efa1c2a5309f8cdd6d3c3.zip
Use Req.URL.RequestURI() to cope with FCGI urls (#9473)
* Use Req.URL.RequestURI() to cope with FCGI urls * Add debug logging statement when forbidden in internal API.
Diffstat (limited to 'routers/private')
-rw-r--r--routers/private/internal.go2
1 files changed, 2 insertions, 0 deletions
diff --git a/routers/private/internal.go b/routers/private/internal.go
index cfbad19678..dafcd88822 100644
--- a/routers/private/internal.go
+++ b/routers/private/internal.go
@@ -9,6 +9,7 @@ import (
"strings"
"code.gitea.io/gitea/models"
+ "code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"gitea.com/macaron/macaron"
@@ -19,6 +20,7 @@ func CheckInternalToken(ctx *macaron.Context) {
tokens := ctx.Req.Header.Get("Authorization")
fields := strings.Fields(tokens)
if len(fields) != 2 || fields[0] != "Bearer" || fields[1] != setting.InternalToken {
+ log.Debug("Forbidden attempt to access internal url: Authorization header: %s", tokens)
ctx.Error(403)
}
}