New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
root: disable APPEND_SLASH #6928
Conversation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
✅ Deploy Preview for authentik-storybook canceled.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## main #6928 +/- ##
==========================================
- Coverage 92.72% 91.20% -1.52%
==========================================
Files 567 567
Lines 27927 27928 +1
==========================================
- Hits 25893 25469 -424
- Misses 2034 2459 +425
Flags with carried forward coverage won't be shown. Click here to find out more.
☔ View full report in Codecov by Sentry. |
* main: (41 commits) root: fix missing /lifecycle in path website/blog: add info-block to blog about m2m (#7002) root: handle SIGHUP and SIGUSR2, healthcheck gunicorn (#6630) flows: stage_invalid() makes flow restart depending on invalid_response_action setting (#6780) core: bump psycopg from 3.1.11 to 3.1.12 (#6997) core: bump pydantic from 2.4.0 to 2.4.1 (#6998) web: bump the sentry group in /web with 2 updates (#6999) web: bump pyright from 1.1.328 to 1.1.329 in /web (#7000) website/blog: improved sentence (#6995) website/blog: fix missing link in m2m post (#6994) web/user: fix incorrect link to admin interface (#6993) root: disable APPEND_SLASH (#6928) root: replace boj/redistore with vendored version of rbcervilla/redisstore (#6988) sources/ldap: add default property mapping to mirror directory structure (#6990) website/blogs: Blog about m2m (#6974) root: make Celery worker concurrency configurable (#6837) root: make postgres connection in makefile customizable (#6977) core: prevent self-impersonation (#6885) web: bump @typescript-eslint/parser from 6.7.2 to 6.7.3 in /web (#6984) core: bump pydantic from 2.3.0 to 2.4.0 (#6979) ...
Details
Currently, with APPEND_SLASH enabled, requests to
core/users
will be redirected tocore/users/
. While this is fine for GET requests, with POST requests the redirect causes the request payload to get lost and the method turns into a GET, which causes a lot of hard-to-find errors. With this setting disabled, requests tocore/users
will simply return a 404.Checklist
ak test authentik/
)make lint-fix
)If an API change has been made
make gen-build
)If changes to the frontend have been made
make web
)make i18n-extract
)If applicable
make website
)