Project

General

Profile

Bug #3709

Access to status.xml is denied

Added by B. J. over 5 years ago. Updated over 5 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
User Interface
Target version:
-
Start date:
2016-04-09
Due date:
% Done:

0%

Estimated time:
Found in version:
4.1.1849
Affected Versions:

Description

After upgrade to 4.1.1849 an access to http://<tvheadend>:9981/status.xml seems to be malfunct (HTTP 401).

History

#1

Updated by B. J. over 5 years ago

B. J. wrote:

After upgrade to 4.1.1849 an access to http://<tvheadend>:9981/status.xml seems to be malfunct or broken (HTTP 401).

#2

Updated by Jaroslav Kysela over 5 years ago

Which client? curl must be forced to use digest (--digest option). Or you may disable the new digest authentisation in the general / base config in tvh (not recommended - password is sent over net for this basic http auth).

#3

Updated by B. J. over 5 years ago

Jaroslav Kysela wrote:

Which client? curl must be forced to use digest (--digest option). Or you may disable the new digest authentisation in the general / base config in tvh (not recommended - password is sent over net for this basic http auth).

It's a Kodi-Addon which uses urllib2 Authorization since times (2011). See here: https://github.com/b-jesch/service.tvh.manager/blob/master/default.py#L145

#4

Updated by B. J. over 5 years ago

Disable Digest Authentication fixed this. You should disable this by default (or make it dependend by network config).

#5

Updated by Jaroslav Kysela over 5 years ago

  • Status changed from New to Rejected

No, the client should support digest auth, too. The basic auth is too weak. Note that tvheadend allows forced basic auth from client, too (client should try forcibly the basic auth without waiting for 401 / WWW-Authenticate: Basic reply).

Also available in: Atom PDF