commit 3acfd263e2d4c2ac306cb6f68d4a2d86a1f7a1d3
parent 81332e22941497f8181300c4ba43952e5052e7b5
Author: Christian Grothoff <christian@grothoff.org>
Date: Fri, 23 Aug 2024 19:51:09 +0200
fix #9116
Diffstat:
1 file changed, 20 insertions(+), 11 deletions(-)
diff --git a/src/exchange/taler-exchange-httpd_spa.c b/src/exchange/taler-exchange-httpd_spa.c
@@ -42,18 +42,7 @@ TEH_handler_aml_spa (struct TEH_RequestContext *rc,
const char *const args[])
{
const char *path = args[0];
- struct TALER_AccountAccessTokenP tok;
- if (GNUNET_OK ==
- GNUNET_STRINGS_string_to_data (path,
- strlen (path),
- &tok,
- sizeof (tok)))
- {
- /* The access token is used internally by the SPA,
- we simply map all access tokens to "index.html" */
- path = "index.html";
- }
return TALER_MHD_spa_handler (aml_spa,
rc->connection,
path);
@@ -65,7 +54,27 @@ TEH_handler_kyc_spa (struct TEH_RequestContext *rc,
const char *const args[])
{
const char *path = args[0];
+ struct TALER_AccountAccessTokenP tok;
+ if (NULL == path)
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_GENERIC_TOKEN_PERMISSION_INSUFFICIENT,
+ "no account access token specified");
+ }
+ if (GNUNET_OK ==
+ GNUNET_STRINGS_string_to_data (path,
+ strlen (path),
+ &tok,
+ sizeof (tok)))
+ {
+ /* The access token is used internally by the SPA,
+ we simply map all access tokens to "index.html" */
+ path = "index.html";
+ }
return TALER_MHD_spa_handler (kyc_spa,
rc->connection,
path);
