diff options
author | Morris Jobke <hey@morrisjobke.de> | 2021-05-17 10:36:18 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-05-17 10:36:18 +0300 |
commit | 77a4368418e0e375215de94ab96daf4b5336a4cb (patch) | |
tree | 10b6f321c7fd355cfa685dff49b6f6dfa6c605be | |
parent | 06377b7df1019f9287afd46f1202fdc86c0700f3 (diff) | |
parent | 236f1b64f9dec26c98cdaf9efd66750001dc8da2 (diff) |
Merge pull request #26846 from nextcloud/followup/26572/reply-with-json-when-not-accepting-html
Reply with json when not accepting html on LoginException
-rw-r--r-- | build/integration/features/provisioning-v1.feature | 2 | ||||
-rw-r--r-- | index.php | 14 |
2 files changed, 14 insertions, 2 deletions
diff --git a/build/integration/features/provisioning-v1.feature b/build/integration/features/provisioning-v1.feature index 22feb7ef24f..307440b4e4f 100644 --- a/build/integration/features/provisioning-v1.feature +++ b/build/integration/features/provisioning-v1.feature @@ -688,4 +688,4 @@ Feature: provisioning And assure user "user0" is disabled And As an "user0" When sending "GET" with exact url to "/index.php/apps/files" - And the HTTP status code should be "403" + And the HTTP status code should be "401" diff --git a/index.php b/index.php index 9ea511c7f00..88104e19742 100644 --- a/index.php +++ b/index.php @@ -55,7 +55,19 @@ try { OC_Template::printExceptionErrorPage($ex, 500); } } catch (\OC\User\LoginException $ex) { - OC_Template::printErrorPage($ex->getMessage(), $ex->getMessage(), 403); + $request = \OC::$server->getRequest(); + /** + * Routes with the @CORS annotation and other API endpoints should + * not return a webpage, so we only print the error page when html is accepted, + * otherwise we reply with a JSON array like the SecurityMiddleware would do. + */ + if (stripos($request->getHeader('Accept'),'html') === false) { + http_response_code(401); + header('Content-Type: application/json; charset=utf-8'); + echo json_encode(['message' => $ex->getMessage()]); + exit(); + } + OC_Template::printErrorPage($ex->getMessage(), $ex->getMessage(), 401); } catch (Exception $ex) { \OC::$server->getLogger()->logException($ex, ['app' => 'index']); |