webapp: Explicitly avoid checking for auth in static subsite requests.

Yesod didn't used to do auth checks for that, but this may have changed.
I don't have a way to reproduce the reported problem yet, but this change
certianly won't hurt anything.

This commit was sponsored by Thom May on Patreon.

1 files changed, 16 insertions, 0 deletions

diff --git a/doc/bugs/Webapp_missing_CSS_and_JS_resources___40__401_Unauthorized__41__/comment_2_20e774c16d6978e0a1137a1e406da244._comment b/doc/bugs/Webapp_missing_CSS_and_JS_resources___40__401_Unauthorized__41__/comment_2_20e774c16d6978e0a1137a1e406da244._comment
new file mode 100644
index 000000000..eb630f364
--- /dev/null
+++ b/doc/bugs/Webapp_missing_CSS_and_JS_resources___40__401_Unauthorized__41__/comment_2_20e774c16d6978e0a1137a1e406da244._comment
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2016-11-10T17:30:57Z"
+ content="""
+I don't reproduce the problem here. From where did you install git-annex?
+
+This seems likely to have something to do with the version of yesod it was
+built against.
+
+No session cookie is used; the auth token is not supposed to be needed when
+accessing urls under `/static/`. Looking at the code, this was not done
+explicitly; it seems to have relied on yesod not checking for authorization
+for static site parts. I've committed a change, to explicitly skip auth for
+`/static/` but without being able to reproduce the problem, can't test it.
+"""]]