tmpim/casket

basicauth directive has no way to supply exceptions

Closed this issue · 0 comments

Unless I'm missing some obvious 'trick', the basicauth directive does not have an easy way to supply exceptions (e.g. via an except option); the only ways I can see are to list all resources except the one you want an exception for (inconvenient and error-prone), or to set up an additional site block that bypasses the auth plugin directly. I think that, similar to the proxy directive, basicauth should have an except option.

The use case I have in mind for this is a PWA protected behind basicauth. The user agent requests /manifest.json on each page load; however, Chrome (and possibly other browsers) does not send Authorization headers for this particular request, meaning the console gets spammed with 401 errors and the PWA fails Lighthouse checks.
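An added example, not part of the original issue and not Casket's code: a minimal Go `net/http` wrapper showing how the requested exception list could behave, with the exemption limited to an exact path so that `/manifest.json` is the only resource served without credentials. The names `basicAuthExcept` and `status`, the host `pwa.example`, and the credentials are constructed for illustration.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// basicAuthExcept: hypothetical basicauth with an "except" list (not Casket's code).
func basicAuthExcept(user, pass string, except []string, next http.Handler) http.Handler {
	skip := make(map[string]bool, len(except))
	for _, p := range except {
		skip[p] = true
	}
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Exact match only: a prefix match would also exempt "/manifest.json.bak".
		if skip[r.URL.Path] {
			next.ServeHTTP(w, r)
			return
		}
		u, p, ok := r.BasicAuth()
		// Constant-time comparison so timing does not show how many bytes matched.
		userOK := subtle.ConstantTimeCompare([]byte(u), []byte(user)) == 1
		passOK := subtle.ConstantTimeCompare([]byte(p), []byte(pass)) == 1
		if !ok || !userOK || !passOK {
			w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
			http.Error(w, "Unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// status sends one GET through h and returns the response code.
func status(h http.Handler, target, user, pass string) int {
	req := httptest.NewRequest(http.MethodGet, "http://pwa.example"+target, nil)
	if user != "" {
		req.SetBasicAuth(user, pass)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	app := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) })
	h := basicAuthExcept("alice", "constructed-password", []string{"/manifest.json"}, app)
	fmt.Println(status(h, "/manifest.json", "", ""), status(h, "/", "", ""))
}
```

Anything listed as an exception is readable by anyone who can reach the site, so the list should hold only files that carry no sensitive data.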