Support as read-only HTTP method not only GET, also HEAD

author Badlop <badlop@process-one.net>

Tue, 12 Apr 2011 21:13:46 +0000 (23:13 +0200)

committer Badlop <badlop@process-one.net>

Wed, 13 Apr 2011 08:32:24 +0000 (10:32 +0200)
author Badlop <badlop@process-one.net>
Tue, 12 Apr 2011 21:13:46 +0000 (23:13 +0200)
committer Badlop <badlop@process-one.net>
Wed, 13 Apr 2011 08:32:24 +0000 (10:32 +0200)
diff --git a/src/web/ejabberd_web_admin.erl b/src/web/ejabberd_web_admin.erl

index ab9d06baf0eec3ff283b2e7011896e7f90ce1318..3e44be216359497d60245d82bfd828eb06a8677b 100644 (file)
--- a/src/web/ejabberd_web_admin.erl
+++ b/src/web/ejabberd_web_admin.erl
@@ -64,11 +64,15 @@ get_acl_rule(["additions.js"],_) -> {"localhost", [all]};
  get_acl_rule(["vhosts"],_) -> {"localhost", [all]};
  
  %% The pages of a vhost are only accesible if the user is admin of that vhost:
-get_acl_rule(["server", VHost | _RPath], 'GET') -> {VHost, [configure, webadmin_view]};
+get_acl_rule(["server", VHost | _RPath], Method)
+    when Method=:='GET' orelse Method=:='HEAD' ->
+    {VHost, [configure, webadmin_view]};
  get_acl_rule(["server", VHost | _RPath], 'POST') -> {VHost, [configure]};
  
  %% Default rule: only global admins can access any other random page
-get_acl_rule(_RPath, 'GET') -> {global, [configure, webadmin_view]};
+get_acl_rule(_RPath, Method)
+    when Method=:='GET' orelse Method=:='HEAD' ->
+    {global, [configure, webadmin_view]};
  get_acl_rule(_RPath, 'POST') -> {global, [configure]}.
  
  is_acl_match(Host, Rules, Jid) ->
author	Badlop <badlop@process-one.net>
	Tue, 12 Apr 2011 21:13:46 +0000 (23:13 +0200)
committer	Badlop <badlop@process-one.net>
	Wed, 13 Apr 2011 08:32:24 +0000 (10:32 +0200)