Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changed 401 status to 403 in filter for non-permitted IP's.

Browse Source 
403 Forbidden is more appropriate since 401 Unauthorized only
indicates that authentication is needed. In the case of a bad IP,
authentication will make no difference which is exactly what 403 is
meant for.
This commit is contained in:
soh_cah_toa
2013-06-05 17:09:09 -04:00
parent 80ab665054
commit 6c61b39d81
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
extensions/dns/rest/dns.rb
View File

@@ -15,8 +15,8 @@ module Dns
config = BeEF::Core::Configuration.instance
# Require a valid API token from a valid IP address
error 401 unless params[:token] == config.get('beef.api_token')
halt 401 unless BeEF::Core::Rest.permitted_source?(request.ip)
halt 401 unless params[:token] == config.get('beef.api_token')
halt 403 unless BeEF::Core::Rest.permitted_source?(request.ip)
headers 'Content-Type' => 'application/json; charset=UTF-8',
'Pragma' => 'no-cache',