@diosmosis opened this Pull Request on May 16th 2021 Member

Description:

Fixes #17559

Review

  • [ ] Functional review done
  • [ ] Potential edge cases thought about (behavior of the code with strange input, with strange internal state or possible interactions with other Matomo subsystems)
  • [ ] Usability review done (is anything maybe unclear or think about anything that would cause people to reach out to support)
  • [ ] Security review done see checklist
  • [ ] Code review done
  • [ ] Tests were added if useful/possible
  • [ ] Reviewed for breaking changes
  • [ ] Developer changelog updated if needed
  • [ ] Documentation added if needed
  • [ ] Existing documentation updated if needed
@Findus23 commented on May 17th 2021 Member

@diosmosis One issue with this method is that it will warn if someone set up their server to return a 301 Moved Permanently on the config.ini.php request.
(reported in https://forum.matomo.org/t/nach-update-auf-4-3-fehlermeldung-required-private-directories/41903)

@diosmosis commented on May 18th 2021 Member

@Findus23 I thought about it but I can't think of a good way to deal w/ redirects. We could follow them, but then we don't know if we're still looking at config.ini.php. If we don't follow them, and just accept 3XX codes, then we might end up accepting a redirect between protocols. I guess we could check both http:// and https:// w/o following redirects and if either both return 3XX or both return 4XX, we can safely pass?

This Pull Request was closed on May 16th 2021
Powered by GitHub Issue Mirror