diff options
author | Joas Schilling <coding@schilljs.com> | 2021-04-30 23:09:29 +0200 |
---|---|---|
committer | Joas Schilling <coding@schilljs.com> | 2021-05-12 08:02:53 +0200 |
commit | 236f1b64f9dec26c98cdaf9efd66750001dc8da2 (patch) | |
tree | 11ddcc300af42648a5652d492247d8ea24754cb8 /index.php | |
parent | a2d5d2d613712bc50c4440d0986b8bc310a6a03f (diff) | |
download | nextcloud-server-236f1b64f9dec26c98cdaf9efd66750001dc8da2.tar.gz nextcloud-server-236f1b64f9dec26c98cdaf9efd66750001dc8da2.zip |
Reply with JSON when html is not accepted like in SecurityMiddleware
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/index.php b/index.php index 6bdaf9d477d..88104e19742 100644 --- a/index.php +++ b/index.php @@ -55,6 +55,18 @@ try { OC_Template::printExceptionErrorPage($ex, 500); } } catch (\OC\User\LoginException $ex) { + $request = \OC::$server->getRequest(); + /** + * Routes with the @CORS annotation and other API endpoints should + * not return a webpage, so we only print the error page when html is accepted, + * otherwise we reply with a JSON array like the SecurityMiddleware would do. + */ + if (stripos($request->getHeader('Accept'),'html') === false) { + http_response_code(401); + header('Content-Type: application/json; charset=utf-8'); + echo json_encode(['message' => $ex->getMessage()]); + exit(); + } OC_Template::printErrorPage($ex->getMessage(), $ex->getMessage(), 401); } catch (Exception $ex) { \OC::$server->getLogger()->logException($ex, ['app' => 'index']); |