This repository was archived by the owner on Dec 12, 2021. It is now read-only.
This repository was archived by the owner on Dec 12, 2021. It is now read-only.
Secret key #4
Description
The xapit/reload controller action is public and accessible to everyone. This should be protected and require some kind of authorization so the public users cannot trigger it.
This should be possible with a simple key setting. Maybe like this:
XapitSync.private_key = "alsdhskdfhlizhzlsdfhkwe"
If this exists then it is required that this be specified in the URL when triggering xapit controller actions.