From 8240623806b038739b70bb859640a9ccb90837af Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Joakim=20S=C3=B8rensen?= <joasoe@gmail.com>
Date: Thu, 30 Sep 2021 15:12:04 +0200
Subject: [PATCH] Fix observer security filter (#3173)

---
 supervisor/api/middleware/security.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/supervisor/api/middleware/security.py b/supervisor/api/middleware/security.py
index bc781cfbc..42aaebc8d 100644
--- a/supervisor/api/middleware/security.py
+++ b/supervisor/api/middleware/security.py
@@ -173,7 +173,7 @@ class SecurityMiddleware(CoreSysAttributes):
 
         # Observer
         if supervisor_token == self.sys_plugins.observer.supervisor_token:
-            if not OBSERVER_CHECK.match(request.url):
+            if not OBSERVER_CHECK.match(request.path):
                 _LOGGER.warning("%s invalid Observer access", request.path)
                 raise HTTPForbidden()
             _LOGGER.debug("%s access from Observer", request.path)