Skip to content

上传文件忽略了验证登录 #70

New issue
New issue
Open
Open
上传文件忽略了验证登录#70
Labels
bugSomething isn't workinggood first issueGood for newcomers
@YiFabao

Description

@YiFabao
YiFabao
opened on Jul 22, 2020

源码中把上传包的api 做了登录忽略,这是为什么? 文档中有地方写到用curl 上传包的时候需要在system 平台获取一个token, 这不是多此一举了吗?

下面是源码中的一段代码:

//上传文件不需要登录
if(WebConf.webConf.uploadLogin || process.env.TARS_WEB_UPLOAD == 'true') {
loginConf.ignore.push('/pages/server/api/upload_patch_package');
loginConf.ignore.push('/api/upload_patch_package');
loginConf.ignore.push('/pages/server/api/upload_and_publish');
loginConf.ignore.push('/api/upload_and_publish');
}

另外还有一个奇怪的地方就是, curl 命令上传包成功,但返回的信息包含了一个 "Method NOT Allowed" !!!
tar cvfz boxserver.tgz ...

  • Trying 172.25.0.1...
  • TCP_NODELAY set
  • Connected to 172.25.0.1 (172.25.0.1) port 3000 (#0)

POST /api/upload_and_publish?ticket=cde57eeb8b1e9138c38f23eaebe5aebf9ff56fe0111 HTTP/1.1
Host: 172.25.0.1:3000
User-Agent: curl/7.58.0
Accept: /
Content-Length: 11824338
Content-Type: multipart/form-data; boundary=------------------------f8e7df31d8cfb4dd
Expect: 100-continue

< HTTP/1.1 100 Continue
< HTTP/1.1 200 OK
< X-RateLimit-Limit: 5000
< X-RateLimit-Remaining: 4998
< X-RateLimit-Reset: 1595390400
< X-DNS-Prefetch-Control: off
< X-Frame-Options: SAMEORIGIN
< Strict-Transport-Security: max-age=15552000; includeSubDomains
< X-Download-Options: noopen
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Content-Type: text/plain; charset=utf-8
< Content-Length: 285
< Surrogate-Control: no-store
< Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
< Pragma: no-cache
< Expires: 0
< Set-Cookie: dcache=true; path=/
< Date: Wed, 22 Jul 2020 03:59:50 GMT
< Connection: keep-alive
<
Method Not Allowed
patch serverId: 108, node_name: 172.25.0.5

task no: [33fd1e8440ba4d5bb19213ab44432e2b]

172.25.0.5 EM_I_SUCCESS startServer [quwanyun.boxserver] from 172.25.0.3 :server is activating, please check:

  • Connection #0 to host 172.25.0.1 left intact

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workinggood first issueGood for newcomers

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions