From c3b83960845e90b8334a9c8c29327979eb8979c8 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 25 Sep 2019 10:33:47 +0100 Subject: [PATCH] Some exemptions from authenticated fetch due to prior authorization --- daemon.py | 44 ++++++++++++++++++++------------------------ 1 file changed, 20 insertions(+), 24 deletions(-) diff --git a/daemon.py b/daemon.py index 9290a7ab..6450ee73 100644 --- a/daemon.py +++ b/daemon.py @@ -1732,12 +1732,11 @@ class PubServer(BaseHTTPRequestHandler): self._set_headers('text/html',len(msg),cookie) self.wfile.write(msg) else: - if self._fetchAuthenticated(): - msg=json.dumps(inboxFeed).encode('utf-8') - self._set_headers('application/json',len(msg),None) - self.wfile.write(msg) - else: - self._404() + # don't need authenticated fetch here because there is + # already the authorization check + msg=json.dumps(inboxFeed).encode('utf-8') + self._set_headers('application/json',len(msg),None) + self.wfile.write(msg) self.server.GETbusy=False return else: @@ -1801,12 +1800,11 @@ class PubServer(BaseHTTPRequestHandler): self._set_headers('text/html',len(msg),cookie) self.wfile.write(msg) else: - if self._fetchAuthenticated(): - msg=json.dumps(inboxDMFeed).encode('utf-8') - self._set_headers('application/json',len(msg),None) - self.wfile.write(msg) - else: - self._404() + # don't need authenticated fetch here because there is + # already the authorization check + msg=json.dumps(inboxDMFeed).encode('utf-8') + self._set_headers('application/json',len(msg),None) + self.wfile.write(msg) self.server.GETbusy=False return else: @@ -1873,12 +1871,11 @@ class PubServer(BaseHTTPRequestHandler): self._set_headers('text/html',len(msg),cookie) self.wfile.write(msg) else: - if self._fetchAuthenticated(): - msg=json.dumps(inboxRepliesFeed).encode('utf-8') - self._set_headers('application/json',len(msg),None) - self.wfile.write(msg) - else: - self._404() + # don't need authenticated fetch here because there is + # already the authorization check + msg=json.dumps(inboxRepliesFeed).encode('utf-8') + self._set_headers('application/json',len(msg),None) + self.wfile.write(msg) self.server.GETbusy=False return else: @@ -1995,12 +1992,11 @@ class PubServer(BaseHTTPRequestHandler): self._set_headers('text/html',len(msg),cookie) self.wfile.write(msg) else: - if self._fetchAuthenticated(): - msg=json.dumps(moderationFeed).encode('utf-8') - self._set_headers('application/json',len(msg),None) - self.wfile.write(msg) - else: - self._404() + # don't need authenticated fetch here because there is + # already the authorization check + msg=json.dumps(moderationFeed).encode('utf-8') + self._set_headers('application/json',len(msg),None) + self.wfile.write(msg) self.server.GETbusy=False return else: