Backup_Repos/komga
1
0
Fork 0
mirror of https://github.com/gotson/komga.git synced 2025-12-25 18:03:56 +01:00
Code Issues Projects Releases Wiki Activity

ignore web security for static assets

Browse source
This commit is contained in:
Gauthier Roebroeck 2019-11-21 15:32:51 +08:00
parent 3df5e065f7
commit aa969fd8bd
1 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
komga/src/main/kotlin/org/gotson/komga/infrastructure/security/SecurityConfiguration.kt
View file

@ -36,9 +36,6 @@ class SecurityConfiguration(
.csrf().disable()
.authorizeRequests()
// unrestricted endpoints
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
// restrict all actuator endpoints to ADMIN only
.requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ADMIN")
@ -70,6 +67,10 @@ class SecurityConfiguration(
web.ignoring()
.antMatchers(
"/error**",
"/css/**",
"/img/**",
"/js/**",
"/favicon.ico",
"/",
"/index.html")
}