nextcloud · icewind1991 · Dec 7, 2023 · Dec 7, 2023 · Dec 7, 2023 · Dec 7, 2023
diff --git a/appinfo/info.xml b/appinfo/info.xml
@@ -9,7 +9,7 @@
 Guests accounts can be created from the share menu by entering either the recipients email or name and choosing "create guest account", once the share is created the guest user will receive an email notification about the mail with a link to set their password.
 
 Guests users can only access files shared to them and cannot create any files outside of shares, additionally, the apps accessible to guest accounts are whitelisted.]]></description>
-	<version>2.4.0</version>
+	<version>2.4.1</version>
 	<licence>agpl</licence>
 	<author>Nextcloud</author>
 	<types>

diff --git a/lib/AppWhitelist.php b/lib/AppWhitelist.php
@@ -113,7 +113,7 @@ public function isUrlAllowed(IUser $user, $url): bool {
 	}
 
 	public function verifyAccess(IUser $user, IRequest $request): void {
-		if (!$this->isUrlAllowed($user, $request->getRawPathInfo())) {
+		if (!$this->isUrlAllowed($user, $request->getPathInfo())) {
 			header('HTTP/1.0 403 Forbidden');
 			Template::printErrorPage($this->l10n->t(
 				'Access to this resource is forbidden for guests.'

diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php
@@ -96,7 +96,6 @@ public function setConfig(bool $useWhitelist, array $whitelist, bool $allowExter
 	 * We do not set the whitelist to null when it is unused. This is by design.
 	 * It allows remembering the whitelist throughout changes.
 	 *
-	 * @NoAdminRequired
 	 * @return DataResponse with the current whitelist config
 	 */
 	public function getWhitelist(): DataResponse {
@@ -111,7 +110,6 @@ public function getWhitelist(): DataResponse {
 	/**
 	 * AJAX handler for resetting the whitelisted apps
 	 *
-	 * @NoAdminRequired
 	 * @return DataResponse with the reset whitelist
 	 */
 	public function resetWhitelist(): DataResponse {