Closed billietl closed 5 years ago
Hi,
portainer gives users ability to execute some tasks (like updating deployed services) with a webhook without authentication. The problem is, ssowat gets in the way and redirects to yunohosts login panel. See this curl command :
$ curl -i https://portainer.louis.mushland.xyz/api/webhooks/my_webhook HTTP/2 302 server: nginx date: Tue, 20 Aug 2019 14:31:50 GMT content-type: text/html location: https://louis.mushland.xyz/yunohost/sso/?r=sso_token x-sso-wat: You've just been SSOed strict-transport-security: max-age=63072000; includeSubDomains; preload content-security-policy: upgrade-insecure-requests content-security-policy-report-only: default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options: nosniff x-xss-protection: 1; mode=block x-download-options: noopen x-permitted-cross-domain-policies: none x-frame-options: SAMEORIGIN <html> <head><title>302 Found</title><script type="text/javascript" src="/ynh_portal.js"></script><link type="text/css" rel="stylesheet" href="/ynh_overlay.css"></link><script type="text/javascript" src="/ynhtheme/custom_portal.js"></script><link type="text/css" rel="stylesheet" href="/ynhtheme/custom_overlay.css"></link></head> <body bgcolor="white"> <center><h1>302 Found</h1></center> <hr><center>nginx</center> </body> </html>
IMO, portainer's webhooks should not be covered by yunohost SSO configuration.
Hi,
portainer gives users ability to execute some tasks (like updating deployed services) with a webhook without authentication. The problem is, ssowat gets in the way and redirects to yunohosts login panel. See this curl command :
IMO, portainer's webhooks should not be covered by yunohost SSO configuration.