Louvorg/ReaderForSelfoss-multiplatform
Louvorg/ReaderForSelfoss-multiplatform
3
2
Fork 2
Code Issues 6 Pull Requests 2 Actions Releases 83 Wiki Activity

Remove login information from update request
All checks were successful
Check PR code / translations (pull_request) Successful in 38s
Details
Check PR code / Lint (pull_request) Successful in 49s
Details
Check PR code / build (pull_request) Successful in 35s
Details

Browse Source 
Removed the username and password in the GET /update request.
The endpoint does not require authentication and it is unsafe to transmit login credentials over GET requests.
This commit is contained in:
davidoskky 2025-04-12 22:48:42 +02:00
parent a7bc64d61e
commit 269937ff09
1 changed files with 0 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
View File

@ -375,15 +375,6 @@ class SelfossApi(
appSettingsService.getBasicPassword().isNotEmpty() appSettingsService.getBasicPassword().isNotEmpty()
) { ) {
headers { headers {
append(
HttpHeaders.Authorization,
constructBasicAuthValue(
BasicAuthCredentials(
username = appSettingsService.getBasicUserName(),
password = appSettingsService.getBasicPassword(),
),
),
)
append( append(
HttpHeaders.Accept, HttpHeaders.Accept,
"text/event-stream", "text/event-stream",