Media files are reachable unauthenticated #17972
Assignees
Labels
severity: high
Completely breaks certain functions, or substantially degrades performance application-wide
status: accepted
This issue has been accepted for implementation
type: bug
A confirmed report of unexpected behavior in the application
Comments
Andres1357
added
status: needs triage
|
I believe change #16580 may be the cause. |
|
Can confirm this. |
jeremystretch
added
status: needs owner
|
We'll need to implement a custom wrapper view to inherit from ConditionalLoginRequiredMixin and ensure |
jeremystretch
added
status: accepted
jeremystretch
added a commit
that referenced
this issue
Nov 12, 2024
jeremystretch
added a commit
that referenced
this issue
Nov 12, 2024
|
Thanks Jeremy! |
jsenecal
pushed a commit
to jsenecal/netbox
that referenced
this issue
Nov 12, 2024
… requesting static media (netbox-community#17990)
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Deployment Type
Self-hosted
Triage priority
N/A
NetBox Version
v4.1.6
Python Version
3.12
Steps to Reproduce
(https://yournetbox.com/media/image-attachments/yourimage.png)
I've reproduced this in various NetBox versions (4.1.0, 4.1.1, 4.1.5, 4.1.6) both as standalone and in Docker.
It is reproducible using the Documents plugin as well as it also stores files in the media directory (https://yournetbox.com/media/netbox-documents/doc.pdf)
I've also reproduced it on https://netbox-demo.netboxlabs.com, though I can't confirm if that instance has LOGIN_REQUIRED = True.
Expected Behavior
It is my understanding that NetBox should not display the file and instead redirect to the login page if the variable LOGIN_REQUIRED = True. This was the behavior seen on NetBox v4.0.3.
Observed Behavior
NetBox displays the file just as if you were logged in.
The text was updated successfully, but these errors were encountered: