don't generate defender events for HTTP/WebDAV requests with no auth
it is quite common for HTTP clients to send a first request without the Authorization header and then send the credentials after receiving a 401 response. We don't want to generate defender events in this case
This commit is contained in:
parent
29836edf2b
commit
9ca136370e
2 changed files with 2 additions and 2 deletions
|
@ -363,7 +363,7 @@ func parseRangeRequest(bytesRange string, size int64) (int64, int64, error) {
|
|||
|
||||
func updateLoginMetrics(user *dataprovider.User, ip string, err error) {
|
||||
metrics.AddLoginAttempt(dataprovider.LoginMethodPassword)
|
||||
if err != nil && err != common.ErrInternalFailure {
|
||||
if err != nil && err != common.ErrInternalFailure && err != common.ErrNoCredentials {
|
||||
logger.ConnectionFailedLog(user.Username, ip, dataprovider.LoginMethodPassword, common.ProtocolHTTP, err.Error())
|
||||
event := common.HostEventLoginFailed
|
||||
if _, ok := err.(*dataprovider.RecordNotFoundError); ok {
|
||||
|
|
|
@ -367,7 +367,7 @@ func writeLog(r *http.Request, err error) {
|
|||
|
||||
func updateLoginMetrics(user *dataprovider.User, ip, loginMethod string, err error) {
|
||||
metrics.AddLoginAttempt(loginMethod)
|
||||
if err != nil && err != common.ErrInternalFailure {
|
||||
if err != nil && err != common.ErrInternalFailure && err != common.ErrNoCredentials {
|
||||
logger.ConnectionFailedLog(user.Username, ip, loginMethod, common.ProtocolWebDAV, err.Error())
|
||||
event := common.HostEventLoginFailed
|
||||
if _, ok := err.(*dataprovider.RecordNotFoundError); ok {
|
||||
|
|
Loading…
Reference in a new issue