Fixed: Don't set cookies for static resources

(cherry picked from commit 6619350)
Radarr · Mar 9, 2021 · e8972f2 · e8972f2
1 parent 578ce25
commit e8972f2
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 0 deletions.
diff --git a/src/Radarr.Http/Authentication/AuthenticationService.cs b/src/Radarr.Http/Authentication/AuthenticationService.cs
@@ -5,6 +5,7 @@
 using Nancy;
 using Nancy.Authentication.Basic;
 using Nancy.Authentication.Forms;
+using Nancy.Routing.Trie.Nodes;
 using NLog;
 using NzbDrone.Common.Extensions;
 using NzbDrone.Core.Authentication;
@@ -160,6 +161,11 @@ public bool IsAuthenticated(NancyContext context)
                 return true;
             }
 
+            if (context.Request.IsBundledJsRequest())
+            {
+                return true;
+            }
+
             if (ValidUser(context))
             {
                 return true;

diff --git a/src/Radarr.Http/Extensions/Pipelines/SetCookieHeaderPipeline.cs b/src/Radarr.Http/Extensions/Pipelines/SetCookieHeaderPipeline.cs
@@ -0,0 +1,30 @@
+using System;
+using System.Linq;
+using Nancy;
+using Nancy.Bootstrapper;
+
+namespace Radarr.Http.Extensions.Pipelines
+{
+    public class SetCookieHeaderPipeline : IRegisterNancyPipeline
+    {
+        public int Order => 99;
+
+        public void Register(IPipelines pipelines)
+        {
+            pipelines.AfterRequest.AddItemToEndOfPipeline((Action<NancyContext>)Handle);
+        }
+
+        private void Handle(NancyContext context)
+        {
+            if (context.Request.IsContentRequest() || context.Request.IsBundledJsRequest())
+            {
+                var authCookie = context.Response.Cookies.FirstOrDefault(c => c.Name == "RadarrAuth");
+
+                if (authCookie != null)
+                {
+                    context.Response.Cookies.Remove(authCookie);
+                }
+            }
+        }
+    }
+}
diff --git a/src/Radarr.Http/Extensions/RequestExtensions.cs b/src/Radarr.Http/Extensions/RequestExtensions.cs
@@ -40,6 +40,11 @@ public static bool IsContentRequest(this Request request)
             return request.Path.StartsWith("/Content/", StringComparison.InvariantCultureIgnoreCase);
         }
 
+        public static bool IsBundledJsRequest(this Request request)
+        {
+            return !request.Path.EqualsIgnoreCase("/initialize.js") && request.Path.EndsWith(".js", StringComparison.InvariantCultureIgnoreCase);
+        }
+
         public static bool IsSharedContentRequest(this Request request)
         {
             return request.Path.StartsWith("/MediaCover/", StringComparison.InvariantCultureIgnoreCase) ||