Change HTTP code returned for routes rejected in reverse proxy setup

2025-06-24 14:02:09 +02:00 · 2023-11-23 12:49:42 +01:00 · 2023-11-23 12:49:42 +01:00 · ee02fb5d92
commit ee02fb5d92
parent 39bbc8c134
4 changed files with 8 additions and 8 deletions
--- a/app/Http/Middleware/RejectIfReverseProxy.php
+++ b/app/Http/Middleware/RejectIfReverseProxy.php
@ -20,7 +20,7 @@ class RejectIfReverseProxy

            return response()->json([
                'message' => __('errors.unsupported_with_reverseproxy'),
-            ], 400);
+            ], 405);
        }

        return $next($request);
--- a/resources/js_vue3/views/settings/OAuth.vue
+++ b/resources/js_vue3/views/settings/OAuth.vue
@ -46,8 +46,8 @@
            })
        })
        .catch(error => {
-            if( error.response.status === 400 ) {
-                // The backend returns a 400 response for routes with the
+            if( error.response.status === 405 ) {
+                // The backend returns a 405 response for routes with the
                // rejectIfReverseProxy middleware
                isRemoteUser.value = true
            }
--- a/resources/js_vue3/views/settings/WebAuthn.vue
+++ b/resources/js_vue3/views/settings/WebAuthn.vue
@ -94,8 +94,8 @@
            credentials.value = response.data
        })
        .catch(error => {
-            if( error.response.status === 400 ) {
-                // The backend returns a 400 response for routes with the
+            if( error.response.status === 405 ) {
+                // The backend returns a 405 response for routes with the
                // rejectIfReverseProxy middleware
                isRemoteUser.value = true
            }
--- a/tests/Feature/Http/Auth/WebAuthnManageControllerTest.php
+++ b/tests/Feature/Http/Auth/WebAuthnManageControllerTest.php
@ -136,7 +136,7 @@ class WebAuthnManageControllerTest extends FeatureTestCase
    {
        $response = $this->actingAs($this->user, 'reverse-proxy-guard')
            ->json('GET', '/webauthn/credentials')
-            ->assertStatus(400);
+            ->assertStatus(405);
    }

    /**
@ -146,7 +146,7 @@ class WebAuthnManageControllerTest extends FeatureTestCase
    {
        $response = $this->actingAs($this->user, 'reverse-proxy-guard')
            ->json('PATCH', '/webauthn/credentials/fqsdfqsdf/name')
-            ->assertStatus(400);
+            ->assertStatus(405);
    }

    /**
@ -156,7 +156,7 @@ class WebAuthnManageControllerTest extends FeatureTestCase
    {
        $response = $this->actingAs($this->user, 'reverse-proxy-guard')
            ->json('DELETE', '/webauthn/credentials/dcnskldjnkljsrn')
-            ->assertStatus(400);
+            ->assertStatus(405);
    }

    /**