Security enhancement

2023-10-06 10:34:08 +02:00 · 2023-10-06 10:34:08 +02:00 · 81d6f379a6
commit 81d6f379a6
parent e66f8c4f88
1 changed files with 4 additions and 2 deletions
--- a/config/routes.rb
+++ b/config/routes.rb
@ -186,8 +186,10 @@ if Redmine::Plugin.installed? 'redmine_dmsf'

    # WebDAV workaround for clients checking WebDAV availability in the root
    unless Redmine::Plugin.installed?('easy_extensions')
-      match '/', to: ->(env) { [405, {}, [env.to_s]] }, via: %i[propfind options]
+      match '/', to: ->(env) { [405, {}, ["#{env['REQUEST_METHOD']} method is not allowed"]] },
+            via: %i[propfind options]
    end
-    match '/dmsf', to: ->(env) { [405, {}, [env.to_s]] }, via: %i[propfind options]
+    match '/dmsf', to: ->(env) { [405, {}, ["#{env['REQUEST_METHOD']} method is not allowed"]] },
+          via: %i[propfind options]
  end
 end