Remove login information from update request

Removed the username and password in the GET /update request. The endpoint does not require authentication and it is unsafe to transmit login credentials over GET requests.
2025-04-12 23:00:24 +02:00 · 2025-04-12 23:00:24 +02:00 · 4b9899c04e
commit 4b9899c04e
parent e9e2b6415f
1 changed files with 0 additions and 21 deletions
--- a/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
+++ b/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
@ -365,27 +365,6 @@ class SelfossApi(
    suspend fun update(): StatusAndData<String> =
        bodyOrFailure(
            client.tryToGet(url("/update")) {
-                if (!shouldHavePostLogin()) {
-                    parameter("username", appSettingsService.getUserName())
-                    parameter("password", appSettingsService.getPassword())
-                }
-                if (appSettingsService
-                        .getBasicUserName()
-                        .isNotEmpty() &&
-                    appSettingsService.getBasicPassword().isNotEmpty()
-                ) {
-                    headers {
-                        append(
-                            HttpHeaders.Authorization,
-                            constructBasicAuthValue(
-                                BasicAuthCredentials(
-                                    username = appSettingsService.getBasicUserName(),
-                                    password = appSettingsService.getBasicPassword(),
-                                ),
-                            ),
-                        )
-                    }
-                }
                headers {
                    append(
                        HttpHeaders.Accept,