1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-25 12:15:18 +01:00

Auth/ps 2465 fix knowndevices path (#4710)

* PS-2450 EC-1073 Do not decode and normalize query

Co-authored-by: Jake Fink <jfink@bitwarden.com>

* Use encoded query parameters over path

* Prefer POST for requests with sensitive information

* Send private information in headers over query

* B64 encode email

---------

Co-authored-by: Jake Fink <jfink@bitwarden.com>
This commit is contained in:
Matt Gibson 2023-03-07 13:49:12 -05:00 committed by GitHub
parent 6876aad883
commit a16d02b39d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1212,8 +1212,10 @@ export class ApiService implements ApiServiceAbstraction {
}
async getKnownDevice(email: string, deviceIdentifier: string): Promise<boolean> {
const path = `/devices/knowndevice/${email}/${deviceIdentifier}`;
const r = await this.send("GET", path, null, false, true);
const r = await this.send("GET", "/devices/knowndevice", null, false, true, null, (headers) => {
headers.set("X-Device-Identifier", deviceIdentifier);
headers.set("X-Request-Email", Utils.fromUtf8ToUrlB64(email));
});
return r as boolean;
}