Просмотр исходного кода

security(http): don't expose miniflux' version on an unauthenticated endpoint

There is no reason to expose miniflux' version to the internet.
jvoisin 4 месяцев назад
Родитель
Сommit
2619eba43c
1 измененных файлов с 0 добавлено и 5 удалено
  1. 0 5
      internal/http/server/httpd.go

+ 0 - 5
internal/http/server/httpd.go

@@ -20,7 +20,6 @@ import (
 	"miniflux.app/v2/internal/http/request"
 	"miniflux.app/v2/internal/storage"
 	"miniflux.app/v2/internal/ui"
-	"miniflux.app/v2/internal/version"
 	"miniflux.app/v2/internal/worker"
 
 	"github.com/gorilla/mux"
@@ -250,10 +249,6 @@ func setupHandler(store *storage.Storage, pool *worker.Pool) *mux.Router {
 
 	subrouter.HandleFunc("/healthcheck", readinessProbe).Name("healthcheck")
 
-	subrouter.HandleFunc("/version", func(w http.ResponseWriter, r *http.Request) {
-		w.Write([]byte(version.Version))
-	}).Name("version")
-
 	if config.Opts.HasMetricsCollector() {
 		subrouter.Handle("/metrics", promhttp.Handler()).Name("metrics")
 		subrouter.Use(func(next http.Handler) http.Handler {