Deploy: allow public (anonymous) access so share links work without login
Build and Deploy Verso / deploy (push) Successful in 1m20s
Build and Deploy Verso / deploy (push) Successful in 1m20s
The web service installs a site-wide login gate (router.mjs: webRouter.all('*',
requireGlobalLogin)) whenever Settings.allowPublicAccess is false — which it was,
since OVERLEAF_ALLOW_PUBLIC_ACCESS wasn't set. That gate bounced every anonymous
request to /login, breaking both Overleaf's own link-sharing and the public
presentation links (the dynamic token routes can't be in the exact-match
global whitelist, so there's no per-path exemption — allowPublicAccess is the
intended knob).
Set OVERLEAF_ALLOW_PUBLIC_ACCESS=true on the verso Deployment. Per-project and
per-route authorization still applies, and private presentation links still
require a login (enforced in the serve handler), so only genuinely public
content is reachable anonymously.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
claude
@@ -276,6 +276,12 @@ jobs:
|
||||
value: Verso
|
||||
- name: OVERLEAF_SITE_URL
|
||||
value: https://test.alocoq.fr
|
||||
# Allow anonymous visitors to reach the site so link
|
||||
# sharing and public presentation links work without a
|
||||
# login. Per-project and per-route access checks still
|
||||
# apply; private presentation links still require login.
|
||||
- name: OVERLEAF_ALLOW_PUBLIC_ACCESS
|
||||
value: "true"
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
|
||||
Reference in New Issue
Block a user