Request with invalid token_auth responds 200 OK #18055

@MrIsak

Description

When sending requests against the API module with a non-existing token, the HTTP response should be 403, not 200.

Expected Behavior

When sending a request with a non-existing token, the response code should be 403.

Current Behavior

Response code is 200.

Steps to Reproduce (for Bugs)

  1. curl -ik 'https://matomo.example.com/index.php?module=API&method=API.getMatomoVersion&token_auth=I_DONT_EXIST'

Your Environment

  • Matomo Version: 4.4.1
  • PHP Version: PHP 7.4.3
  • Server Operating System: Ubuntu 20.04.03

Labels: c: Platform, not-in-changelog
