* bug#14370: [PATCH] Write out HTTP Basic auth headers correctly
@ 2013-05-08 8:50 Atom X Zane
2014-01-21 21:59 ` Mark H Weaver
0 siblings, 1 reply; 2+ messages in thread
From: Atom X Zane @ 2013-05-08 8:50 UTC (permalink / raw)
To: 14370
HTTP Basic authorization headers are not output correctly, leaving off
the user credentials in the Authorization: header.
Test case:
(let ((req (build-request
(build-uri
'http
#:host "example.com")
#:headers '((authorization
basic . "dXNlcm5hbWU6cGFzc3dvcmQ=")
))))
(write-request req (current-output-port)))
Expected output:
> GET / HTTP/1.1
> Host: example.com
> Authorization: basic dXNlcm5hbWU6cGFzc3dvcmQ=
Actual output:
> GET / HTTP/1.1
> Host: example.com
> Authorization: basic
As you can see, the user credentials aren't actually written out,
causing the server to return a "401 Authorization required" response. I
have included a patch which remedies this problem.
-- Atom X Zane
* module/web/http.scm: modify write-credentials to display the
base64-encoded concatenation of username and password if the
authorization model is 'basic
---
module/web/http.scm | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/module/web/http.scm b/module/web/http.scm
index 35169ef..0e5db5d 100644
--- a/module/web/http.scm
+++ b/module/web/http.scm
@@ -913,10 +913,10 @@ as an ordered alist."
(define (write-credentials val port)
(display (car val) port)
+ (display #\space port)
(if (pair? (cdr val))
- (begin
- (display #\space port)
- (write-key-value-list (cdr val) port))))
+ (write-key-value-list (cdr val) port)
+ (display (cdr val) port)))
;; challenges = 1#challenge
;; challenge = auth-scheme 1*SP 1#auth-param
--
1.7.10.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* bug#14370: [PATCH] Write out HTTP Basic auth headers correctly
2013-05-08 8:50 bug#14370: [PATCH] Write out HTTP Basic auth headers correctly Atom X Zane
@ 2014-01-21 21:59 ` Mark H Weaver
0 siblings, 0 replies; 2+ messages in thread
From: Mark H Weaver @ 2014-01-21 21:59 UTC (permalink / raw)
To: Atom X Zane; +Cc: 14370-done
Atom X Zane <atomx@deadlyhead.com> writes:
> HTTP Basic authorization headers are not output correctly, leaving off
> the user credentials in the Authorization: header.
Fixed in d0d8c872afcc0e3384389171ceb32dc26df8c8a6 on the stable-2.0
branch, which will become Guile 2.0.10.
Thanks!
Mark
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-01-21 21:59 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-05-08 8:50 bug#14370: [PATCH] Write out HTTP Basic auth headers correctly Atom X Zane
2014-01-21 21:59 ` Mark H Weaver
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).