Ensure redirect not sent twice when verifying admin route on initial registration

2026-02-20 05:11:08 +08:00 · 2019-03-17 13:04:32 +00:00 · 2019-03-17 13:04:32 +00:00 · 26322ade92
commit 26322ade92
parent 6ce1e99438
2 changed files with 6 additions and 1 deletions
--- a/src/main/java/io/linuxserver/fleet/web/WebServer.java
+++ b/src/main/java/io/linuxserver/fleet/web/WebServer.java
@ -100,6 +100,9 @@ public class WebServer {

        return () -> before(path, (request, response) -> {

+            if (response.raw().isCommitted())
+                return;
+
            Session session = request.session(false);

            if (null == session)
--- a/src/main/java/io/linuxserver/fleet/web/routes/InitialUserFilterRoute.java
+++ b/src/main/java/io/linuxserver/fleet/web/routes/InitialUserFilterRoute.java
@ -23,6 +23,8 @@ import spark.Filter;
 import spark.Request;
 import spark.Response;

+import static spark.Spark.halt;
+
 /**
 * <p>
 * Forces the maintainer of Fleet to set up an initial user before running Fleet.
@ -51,7 +53,7 @@ public class InitialUserFilterRoute implements Filter {
        if (databaseAuthenticationEnabled) {

            if (!initialUserNeedsConfiguring() && "/admin/setup".equals(request.pathInfo())) {
-                response.redirect("/admin");
+                halt(401);
            }

            else if (initialUserNeedsConfiguring() && !pathIsExempted(request.pathInfo())) {