Support as read-only HTTP method not only GET, also HEAD

author: Badlop <badlop@process-one.net> 2011-04-12 23:13:46 +0200
committer: Badlop <badlop@process-one.net> 2011-04-12 23:13:46 +0200
commit: f59a979f7ca135619a77fd9b8a2dc2062534fa27 (patch)
tree: 5c4fb6e9ec20dd80a39feac3898776fde318b180 /src
parent: If extauth script crashes, ejabberd should restart it (EJAB-1428) (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/src/web/ejabberd_web_admin.erl b/src/web/ejabberd_web_admin.erl
index 90e30140..f3809c15 100644
--- a/src/web/ejabberd_web_admin.erl
+++ b/src/web/ejabberd_web_admin.erl
@@ -64,11 +64,15 @@ get_acl_rule(["additions.js"],_) -> {"localhost", [all]};
 get_acl_rule(["vhosts"],_) -> {"localhost", [all]};
 
 %% The pages of a vhost are only accesible if the user is admin of that vhost:
-get_acl_rule(["server", VHost | _RPath], 'GET') -> {VHost, [configure, webadmin_view]};
+get_acl_rule(["server", VHost | _RPath], Method)
+    when Method=:='GET' orelse Method=:='HEAD' ->
+    {VHost, [configure, webadmin_view]};
 get_acl_rule(["server", VHost | _RPath], 'POST') -> {VHost, [configure]};
 
 %% Default rule: only global admins can access any other random page
-get_acl_rule(_RPath, 'GET') -> {global, [configure, webadmin_view]};
+get_acl_rule(_RPath, Method)
+    when Method=:='GET' orelse Method=:='HEAD' ->
+    {global, [configure, webadmin_view]};
 get_acl_rule(_RPath, 'POST') -> {global, [configure]}.
 
 is_acl_match(Host, Rules, Jid) ->
author	Badlop <badlop@process-one.net>	2011-04-12 23:13:46 +0200
committer	Badlop <badlop@process-one.net>	2011-04-12 23:13:46 +0200
commit	f59a979f7ca135619a77fd9b8a2dc2062534fa27 (patch)
tree	5c4fb6e9ec20dd80a39feac3898776fde318b180 /src
parent	If extauth script crashes, ejabberd should restart it (EJAB-1428) (diff)