sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Catch auth coming from JS in OCS

remotes/origin/users-ajaxloadgroups
Lukas Reschke 2016-02-15 15:38:37 +07:00
parent b8b77709c0
commit dfc3536d2b
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/private/api.php
Unescape Escape View File

@ -377,9 +377,16 @@ class OC_API {
* @param string $format the format xml|json
*/
public static function respond($result, $format='xml') {
$request = \OC::$server->getRequest();
// Send 401 headers if unauthorised
if($result->getStatusCode() === API::RESPOND_UNAUTHORISED) {
header('WWW-Authenticate: Basic realm="Authorisation Required"');
// If request comes from JS return dummy auth request
if($request->getHeader('X-Requested-With') === 'XMLHttpRequest') {
header('WWW-Authenticate: DummyBasic realm="Authorisation Required"');
} else {
header('WWW-Authenticate: Basic realm="Authorisation Required"');
}
header('HTTP/1.0 401 Unauthorized');
}
@ -389,7 +396,7 @@ class OC_API {
$meta = $result->getMeta();
$data = $result->getData();
if (self::isV2(\OC::$server->getRequest())) {
if (self::isV2($request)) {
$statusCode = self::mapStatusCodes($result->getStatusCode());
if (!is_null($statusCode)) {
$meta['statuscode'] = $statusCode;