stable
Clone or download
Read-only
Fixes request #33314: Headers missing on preflight requests on tus server endpoint
The unnecessary check regarding the fact the user is logged in or not has been removed from the FileUploadController. Doing it at this level is problematic because we cannot deal with preflight requests as they do not come with the authentication information. In any cases the responsability of checking if a user can or cannot do something is the responsability of the implementations of \Tuleap\Tus\TusDataStore as it is ultimately dependant of the local rules. To test, do an OPTIONS request with curl (or the tool of your liking) to a tus server endpoint (e.g. `/uploads/tracker/file/1`). You should get a 204 with the proper access-control headers set. Change-Id: If66abeebeff80a8946f781efe5c8e839539f6543
Modified Files
Name | ||||
---|---|---|---|---|
M | src/common/Upload/FileUploadController.php | +2 | −26 | Go to diff View file |