forked from GNUsocial/gnu-social
Return an http auth error, when a client sends in an invalid auth user, even when http auth is not required.
This commit is contained in:
parent
766cf99f21
commit
60009227f7
@ -267,7 +267,7 @@ class ApiAuthAction extends ApiAction
|
|||||||
|
|
||||||
$this->access = self::READ_WRITE;
|
$this->access = self::READ_WRITE;
|
||||||
|
|
||||||
if (empty($this->auth_user) && $required) {
|
if (empty($this->auth_user) && ($required || isset($_SERVER['PHP_AUTH_USER']))) {
|
||||||
|
|
||||||
// basic authentication failed
|
// basic authentication failed
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user