From 422da7e40aa95d9e61ba6264be916fe8c64d5aee Mon Sep 17 00:00:00 2001
From: Cristhian Castaneda <ccastanedarivera@gmail.com>
Date: Tue, 14 Dec 2021 14:28:30 -0600
Subject: [PATCH] fix(vulnerability): avoid expose gate endpoints (#1497)

(cherry picked from commit b4ac721b1ad9476b3452d6d259eff703edc53e66)
---
 .../groovy/com/netflix/spinnaker/gate/config/AuthConfig.groovy  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/config/AuthConfig.groovy b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/config/AuthConfig.groovy
index e27c9e78da..12a697e123 100644
--- a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/config/AuthConfig.groovy
+++ b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/config/AuthConfig.groovy
@@ -81,7 +81,7 @@ class AuthConfig {
     http
       .requestMatcher(requestMatcherProvider.requestMatcher())
       .authorizeRequests()
-        .antMatchers('/**/favicon.ico').permitAll()
+        .antMatchers('/favicon.ico').permitAll()
         .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
         .antMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll()
         .antMatchers('/auth/user').permitAll()