Dashboard accessible from outside by default (since 1.7.25)

[silentw]

When using Dashboard version 1.7.24, the dashboard is not accessible from outside of the server (401).
As of version 1.7.25, it is accessible from outside of the server by default.

I have no authorization configured, so by default it should not allow access from outside of the server.

[silentw]

Possibly this #1904 has broken this functionality.

[odinserj]

Oh! Thank you so much for reporting this, new property assignment broke the whole logic. I'm releasing 1.7.26 with the fix right now!

[odinserj]

I've just released the fix, please see https://www.hangfire.io/blog/2021/10/27/hangfire-1.7.26.html. Security updates can be found on this page: https://www.hangfire.io/blog/security.html, you can subscribe to it via RSS (new posts available immediately) or email (sent once a day when new post is available).

In order to give the community time to respond and upgrade we strongly urge you report all security issues privately. Please email us at security@hangfire.io with details and we will respond ASAP. Security issues always take precedence over bug fixes and feature work.

Thanks again for reporting this!