fix(backend): ジョブキュー管理画面の認証を回避できる問題を修正

2023-08-20 10:00:10 +09:00 · 2023-08-20 10:00:10 +09:00 · c9aeccb2ab
commit c9aeccb2ab
parent e6032a03b6
2 changed files with 4 additions and 1 deletions
--- a/packages/backend/src/server/web/ClientServerService.ts
+++ b/packages/backend/src/server/web/ClientServerService.ts
@ -143,7 +143,9 @@ export class ClientServerService {

 		// Authenticate
 		fastify.addHook('onRequest', async (request, reply) => {
-			if (request.url === bullBoardPath || request.url.startsWith(bullBoardPath + '/')) {
+			// %71ueueとかでリクエストされたら困るため
+			const url = decodeURI(request.url);
+			if (url === bullBoardPath || url.startsWith(bullBoardPath + '/')) {
 				const token = request.cookies.token;
 				if (token == null) {
 					reply.code(401);