Fix lesser used options
25b54dba775b31021a3a4677eb79e9771bcb97f7 missed several cases where we
had ifndef instead of ifdef. because these weren't the defaults, these
don't show up as failures when testing.
Tested: Redfish service validator passes. Inspection primarily.
Mechanical change.
Change-Id: I3f6915a97eb44d071795aed76476c6bee7e8ed27
Signed-off-by: Ed Tanous <ed@tanous.net>
diff --git a/http/websocket.hpp b/http/websocket.hpp
index e669ffa..e8d7b12 100644
--- a/http/websocket.hpp
+++ b/http/websocket.hpp
@@ -93,21 +93,21 @@
ws.set_option(boost::beast::websocket::stream_base::decorator(
[session{session},
protocolHeader](boost::beast::websocket::response_type& m) {
-
-#ifndef BMCWEB_INSECURE_DISABLE_CSRF_PREVENTION
- if (session != nullptr)
+ if constexpr (!BMCWEB_INSECURE_DISABLE_CSRF)
{
- // use protocol for csrf checking
- if (session->cookieAuth &&
- !crow::utility::constantTimeStringCompare(
- protocolHeader, session->csrfToken))
+ if (session != nullptr)
{
- BMCWEB_LOG_ERROR("Websocket CSRF error");
- m.result(boost::beast::http::status::unauthorized);
- return;
+ // use protocol for csrf checking
+ if (session->cookieAuth &&
+ !crow::utility::constantTimeStringCompare(
+ protocolHeader, session->csrfToken))
+ {
+ BMCWEB_LOG_ERROR("Websocket CSRF error");
+ m.result(boost::beast::http::status::unauthorized);
+ return;
+ }
}
}
-#endif
if (!protocolHeader.empty())
{
m.insert(bf::sec_websocket_protocol, protocolHeader);