check anonymous OPTIONS requests file in root (not in subdir)#13354
check anonymous OPTIONS requests file in root (not in subdir)#13354MorrisJobke merged 1 commit intonextcloud:stable15from
Conversation
BastienDurel
force-pushed
the
caldav_anon_pb
branch
from
454f613 to
21f93ce
Compare
|
Can you point me to the part of the RFC that says we should not allow options in subdirs? |
|
I cannot, but as the "real" tree is not used, all OPTIONS returns 404's |
|
Ah it is just for anonymous options... right 👍 |
Signed-off-by: Bastien Durel <bastien@durel.org>
BastienDurel
force-pushed
the
caldav_anon_pb
branch
from
21f93ce to
625380e
Compare
|
CI failures are unrelated -> merging. |
|
Thanks for your first pull request and welcome to the community! Feel free to keep them coming! If you are looking for issues to tackle then have a look at this selection: https://github.com/nextcloud/server/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22 |
|
/backport to stable15 |
|
The backport to stable15 failed. Please do this backport manually. |
|
The PR targeted stable15 already |
|
/backport to master |
|
backport to master in #13362 |
|
/backport to stable14 |
|
The branch that introduced this bug was back ported to 14, back porting the fix to 14 as well: #12639 |
|
backport to stable14 in #13558 |
ghost
mentioned this pull request
4 participants
Don't allow anonymous OPTIONS to sub directories, so we won't send 404's when client is expecting 401 before authenticate.