From 3e87cc6a73fbfc165f81d5f7a3d7d1f76e7feb9a Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Wed, 1 Nov 2017 01:57:08 +0300
Subject: www: /post should not throw if img or attach is present

---
 .../src/main/java/com/juick/www/configuration/WebSecurityConfig.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'juick-www/src/main/java/com/juick/www/configuration')

diff --git a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
index 3dc7bc76..231c6e2e 100644
--- a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
+++ b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
@@ -72,7 +72,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
         http.addFilterAfter(hashParamAuthenticationFilter(), BasicAuthenticationFilter.class);
         http
                 .authorizeRequests()
-                .antMatchers("/settings", "/pm/**", "/**/bl", "/_twitter").authenticated()
+                .antMatchers("/settings", "/pm/**", "/**/bl", "/_twitter", "/post", "/comment").authenticated()
                 .anyRequest().permitAll()
                 .and()
                 .anonymous().principal(JuickUser.ANONYMOUS_USER).authorities(JuickUser.ANONYMOUS_AUTHORITY)
-- 
cgit v1.2.3