don't even parse requiresAuth commands unless client is authenticated

XMLWordPrintableJSON

    • Fully Compatible
    • v4.0, v3.6
    • Platforms 2018-05-07, Platforms 2018-05-21, Platforms 2018-06-04
    • 45
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Most Commands have a requiresAuth()==true condition (the default).
      For those commands, we shouldn't parse() their request unless the client is authenticated.

      These requests are going to be rejected anyway, so there's no user-visible change, but we could be making the rejection decision more securely and efficiently.

              Assignee:
              Billy Donahue
              Reporter:
              Billy Donahue
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

                Created:
                Updated:
                Resolved: