generated from coulomb/repo-seed
fix(privacyidea): disable response signing + raise rate limit to unblock login
PI_NO_RESPONSE_SIGN=True works around Werkzeug 3.x crash where request.json raises BadRequest on GET requests with empty bodies (sign_response path). Rate limit raised from 20/5 to 200/100 req/min to allow the AngularJS UI's burst of ~50 parallel static asset requests on each page load without being throttled by Traefik. TODO: split tight /auth+/validate vs loose /static limits. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -43,3 +43,8 @@ data:
|
||||
|
||||
# Scripts folder for event handlers (leave default unless customising).
|
||||
PI_SCRIPT_FOLDER = "/etc/privacyidea/scripts"
|
||||
|
||||
# Disable response signing — sign_response crashes on GET requests with
|
||||
# Werkzeug 3.x because request.json raises BadRequest for empty bodies.
|
||||
# The audit keys are still used for audit log signing.
|
||||
PI_NO_RESPONSE_SIGN = True
|
||||
|
||||
Reference in New Issue
Block a user