From 149f8327c0acc85715cda1043b7b55c5d4ea53b9 Mon Sep 17 00:00:00 2001
From: Sergey Linev <S.Linev@gsi.de>
Date: Fri, 5 Jun 2026 12:36:43 +0200
Subject: [PATCH] [http] by default allow decode of post object

Option can be used to prevent complex object decoding when
exe.json request is executed.

It was default behaviour before.

(cherry picked from commit d4d195552fa4ea96d6b67efce024f114fd9a596b)
---
 net/http/inc/TRootSniffer.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/http/inc/TRootSniffer.h b/net/http/inc/TRootSniffer.h
index 558473ec4ce84..756542e93a358 100644
--- a/net/http/inc/TRootSniffer.h
+++ b/net/http/inc/TRootSniffer.h
@@ -120,7 +120,7 @@ class TRootSniffer : public TNamed {
 protected:
    TString fObjectsPath;    ///<! default path for registered objects
    Bool_t fReadOnly{kTRUE}; ///<! indicate if sniffer allowed to change ROOT structures - like read objects from file
-   Bool_t fAllowPostObject{kFALSE};    ///<! when true allow to deserialize objects received via POST requests
+   Bool_t fAllowPostObject{kTRUE};    ///<! when true allow to deserialize objects received via POST requests
    Bool_t fScanGlobalDir{kTRUE};       ///<! when enabled (default), scan gROOT for histograms, canvases, open files
    std::unique_ptr<TFolder> fTopFolder; ///<! own top TFolder object, used for registering objects
    THttpCallArg *fCurrentArg{nullptr}; ///<! current http arguments (if any)