ZP-672 Also authenticate Option requests.

Released under the Affero GNU General Public License (AGPL) version 3.

ZP-672 Also authenticate Option requests.
Released under the Affero GNU General Public License (AGPL) version 3.
b53d0252 · Sebastian Kummer · 2a3babc3 · b53d0252
Commit b53d0252 authored Nov 21, 2016 by Sebastian Kummer
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

index.php src/index.php +3 -1

No files found.
--- a/src/index.php
+++ b/src/index.php
@@ -74,8 +74,10 @@ include_once(ZPUSH_CONFIG);
            throw new AuthenticationRequiredException("Access denied. Please send authorisation information");
        // Stop here if this is an OPTIONS request
-        if (Request::IsMethodOPTIONS())
+        if (Request::IsMethodOPTIONS()) {
+            RequestProcessor::Authenticate();
            throw new NoPostRequestException("Options request", NoPostRequestException::OPTIONS_REQUEST);
+        }
        ZPush::CheckAdvancedConfig();