Bug 822 - HSOL-4013 / AG/ Can access to WebUI login popup via virtual site SSL port(e.g. 443)
Review Request #261 — Created May 21, 2024 and submitted — Latest diff uploaded
| Information | |
|---|---|
| shuinvy | |
| AG | |
| rel_ag_9_4_5 | |
| 822 | |
| Reviewers | |
| jasonchou, milliechou | |
Prevent accessing WebUI via url contains '/login/'
After changing config file of lighttpd and restart WebUI, if user input ':8888' after 'localhost' for virtual site url, they will redirect to '403 forbidden' instead of login popup.
Be careful there is no name of new API for WebUI that contains the keyword: '/login/' in the future. (Such as https://xxx.xxx.xxx:8888/login/...)