Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-11-26 05:50:29 +01:00
636f16dc66
When you are not loggedin, and have no cookie etc.. we always returned a 401. This was mainly to allow the login page on all the sub pages, and after login being redirected to the requested page, for these pages a 401 is a valid response, since, you do not have access. But for the main `/admin` page, it should just respond with a `200` and show the login page. This PR fixes this flow and response. It should prevent people using Fail2ban, or other tools being triggered by only accessing the login page. Resolves #3540 |
||
---|---|---|
.. | ||
core | ||
admin.rs | ||
icons.rs | ||
identity.rs | ||
mod.rs | ||
notifications.rs | ||
web.rs |