/phpbb

[ticket/10961] Send HTTP 403 when applicable #4340

Open
wants to merge 3 commits into
from
+99 −1

Labels

3.1 (Ascraeus)

Milestone

  3.1.10

Assignees

No one assigned

4 participants

@Senky @marc1706 @Nicofuma @Crizz0
@Senky
Senky commented May 29, 2016

PHPBB3-10961

@Crizz0 Crizz0 added this to the 3.1.10 milestone Jun 19, 2016
@marc1706 marc1706 commented on the diff Aug 21, 2016
View full changes
phpBB/includes/acp/acp_board.php
@@ -623,6 +623,7 @@ function main($id, $mode)
}
else
{
+ send_status_line(403, 'Forbidden');
@marc1706
phpBB Forum Software member
marc1706 added a line comment Aug 21, 2016

E_USER_ERROR will result in a 503 being sent. This will mean we'll have duplicate Status header fields in this case.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@marc1706
phpBB Forum Software member
marc1706 commented Aug 21, 2016

I'm also very unsure about this change since we're trying to move away from using trigger_error() anyway.
As this will also affect 3.2.x, what do you think @Nicofuma ?

@Nicofuma
phpBB Forum Software member
Nicofuma commented Aug 22, 2016

It should be fine for 3.2 but it will indeed affect my existing PRs against master.
Not sure what is the best here...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment