diff --git a/lib/server.c b/lib/server.c index 49f075c3..f7e6fb42 100644 --- a/lib/server.c +++ b/lib/server.c @@ -770,21 +770,6 @@ lws_http_action(struct lws *wsi) s = uri_ptr + hit->mountpoint_len; - args.p = uri_ptr; - args.len = uri_len; - args.max_len = hit->auth_mask; - args.final = 0; /* used to signal callback dealt with it */ - - n = wsi->protocol->callback(wsi, LWS_CALLBACK_CHECK_ACCESS_RIGHTS, - wsi->user_space, &args, 0); - if (n) { - lws_return_http_status(wsi, HTTP_STATUS_UNAUTHORIZED, - NULL); - goto bail_nuke_ah; - } - if (args.final) /* callback completely handled it well */ - return 0; - /* * if we have a mountpoint like https://xxx.com/yyy * there is an implied / at the end for our purposes since @@ -861,6 +846,21 @@ lws_http_action(struct lws *wsi) if (lws_bind_protocol(wsi, pp)) return 1; + args.p = uri_ptr; + args.len = uri_len; + args.max_len = hit->auth_mask; + args.final = 0; /* used to signal callback dealt with it */ + + n = wsi->protocol->callback(wsi, LWS_CALLBACK_CHECK_ACCESS_RIGHTS, + wsi->user_space, &args, 0); + if (n) { + lws_return_http_status(wsi, HTTP_STATUS_UNAUTHORIZED, + NULL); + goto bail_nuke_ah; + } + if (args.final) /* callback completely handled it well */ + return 0; + if (hit->cgienv && wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_PMO, wsi->user_space, (void *)hit->cgienv, 0))