Restrict /api/config/raw to admin role to prevent credential leak to non-admin users (#22523)

2026-04-19 23:08:08 +02:00 · 2026-03-18 17:14:59 -05:00
parent ae9b307dfc
commit e78da2758d
2 changed files with 1 additions and 2 deletions
--- a/frigate/api/auth.py
+++ b/frigate/api/auth.py
@@ -67,7 +67,6 @@ def require_admin_by_default():
        "/stats",
        "/stats/history",
        "/config",
-        "/config/raw",
        "/vainfo",
        "/nvinfo",
        "/labels",