File tree Expand file tree Collapse file tree 2 files changed +8
-5
lines changed
package/thingino-webui/files Expand file tree Collapse file tree 2 files changed +8
-5
lines changed Original file line number Diff line number Diff line change 11H:/var/www
22P:/favicon.ico:http://127 .0 .0 .1 /a/favicon.ico
3- P:/image.jpg:http://127 .0 .0 .1 /x/ch0.jpg
43P:/mjpeg:http://127 .0 .0 .1 /x/ch0.mjpg
Original file line number Diff line number Diff line change 77
88API_KEY_FILE=" /etc/thingino-api.key"
99
10- # Verify API key from header (X-API-Key: your-key-here)
10+ # Verify API key from header (X-API-Key: your-key-here) or ?token= query param
1111# Returns 0 if valid, 1 if invalid
1212verify_api_key () {
1313 local provided_key=" $HTTP_X_API_KEY "
1414
15- # Also accept key as ?token= query parameter (e.g. snapshot URLs returned by ONVIF)
16- if [ -z " $provided_key " ] && [ -n " $QUERY_STRING " ]; then
17- provided_key=$( echo " $QUERY_STRING " | tr ' &' ' \n' | grep ' ^token=' | head -1 | cut -d' =' -f2-)
15+ # Fall back to ?token= query parameter (used by ONVIF snapshot URLs)
16+ if [ -z " $provided_key " ]; then
17+ case " $QUERY_STRING " in
18+ token=* ) provided_key=" ${QUERY_STRING# token=} " ;;
19+ * token=* ) provided_key=" ${QUERY_STRING##* token=} " ;;
20+ esac
21+ provided_key=" ${provided_key%% &* } "
1822 fi
1923
2024 [ -z " $provided_key " ] && return 1
You can’t perform that action at this time.
0 commit comments