| valerio.bozzolan | |
| Nov 27 2020, 19:28 |
| F1451603: image.png | |
| Nov 27 2020, 19:28 |
| F1451601: image.png | |
| Nov 27 2020, 19:28 |
In T594 we have protected LibreTime with an HTTP Auth using an Apache frontend but this caused the unintentionally protection of all LibreTime widgets under the /embed base URL.
This is a nasty behavior because now a widget is embedded in the website causing the OAuth popup to visitors and consequent failure:
We have not noticed this until today because this is what I was seeing. You know, "it works on my computer" because I'm already authenticated:
| Status | Assigned | Task | ||
|---|---|---|---|---|
| Resolved | valerio.bozzolan | T522 Install LibreTime | ||
| Resolved | valerio.bozzolan | T594 Expose the new LibreTime virtual machine via Reyboz reyboz to director.border-radio.it | ||
| Resolved | valerio.bozzolan | T619 Fix unintended HTTP Auth for LibreTime widgets |
See T594: Expose the new LibreTime virtual machine via Reyboz reyboz to director.border-radio.it for the updated Apache configuration.
We was forgetting the internal resources:
# Allow everyone to see LibreTime widgets # https://gitpull.it/T619 <Location "/embed/"> AuthType none Require all granted Satisfy any </Location> # Allow everyone to see LibreTime widgets and its resources # https://gitpull.it/T619 <Location "/js/"> AuthType none Require all granted Satisfy any </Location> # Allow everyone to see LibreTime widgets and its resources # https://gitpull.it/T619 <Location "/widgets/"> AuthType none Require all granted Satisfy any </Location> # Allow everyone to see LibreTime widgets and its resources # https://gitpull.it/T619 <Location "/css/"> AuthType none Require all granted Satisfy any </Location>