mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-14 22:05:44 +00:00
fix for bug #42008. make HTTP basic auth case insensitive. r=shaver,brendan,gagan,valeski a=brendan.
This commit is contained in:
parent
87f7739f82
commit
565f3bc5c6
@ -100,7 +100,7 @@ RegisterBasicAuth(nsIComponentManager *aCompMgr, nsIFile *aPath,
|
||||
do_GetService(NS_CATEGORYMANAGER_PROGID, &rv);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
nsXPIDLCString previous;
|
||||
return catman->AddCategoryEntry("http-auth", "Basic", NS_BASICAUTH_PROGID,
|
||||
return catman->AddCategoryEntry("http-auth", "basic", NS_BASICAUTH_PROGID,
|
||||
PR_TRUE, PR_TRUE, getter_Copies(previous));
|
||||
}
|
||||
|
||||
@ -113,13 +113,13 @@ UnregisterBasicAuth(nsIComponentManager *aCompMgr, nsIFile *aPath,
|
||||
do_GetService(NS_CATEGORYMANAGER_PROGID, &rv);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
nsXPIDLCString basicAuth;
|
||||
rv = catman->GetCategoryEntry("http-auth", "Basic",
|
||||
rv = catman->GetCategoryEntry("http-auth", "basic",
|
||||
getter_Copies(basicAuth));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
|
||||
// only unregister if we're the current Basic-auth handler
|
||||
if (!strcmp(basicAuth, NS_BASICAUTH_PROGID))
|
||||
return catman->DeleteCategoryEntry("http-auth", "Basic", PR_TRUE,
|
||||
return catman->DeleteCategoryEntry("http-auth", "basic", PR_TRUE,
|
||||
getter_Copies(basicAuth));
|
||||
return NS_OK;
|
||||
}
|
||||
|
@ -18,6 +18,8 @@
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
* Mike Shaver <shaver@zeroknowledge.com>
|
||||
* Christopher Blizzard <blizzard@mozilla.org>
|
||||
*/
|
||||
|
||||
#include "nsBasicAuth.h"
|
||||
@ -43,7 +45,7 @@ nsBasicAuth::Authenticate(nsIURI* i_URI, const char *protocol,
|
||||
char **oResult)
|
||||
{
|
||||
// we only know how to deal with Basic auth for http.
|
||||
PRBool isBasicAuth = !strncmp(iChallenge, "Basic ", 6);
|
||||
PRBool isBasicAuth = !PL_strncasecmp(iChallenge, "basic ", 6);
|
||||
NS_ASSERTION(isBasicAuth, "nsBasicAuth called for non-Basic auth");
|
||||
if (!isBasicAuth)
|
||||
return NS_ERROR_INVALID_ARG;
|
||||
@ -61,8 +63,10 @@ nsBasicAuth::Authenticate(nsIURI* i_URI, const char *protocol,
|
||||
if (iPass) {
|
||||
cPass.AssignWithConversion(iPass);
|
||||
}
|
||||
PRUint32 length = cUser.Length() + (iPass ? (cPass.Length() + 2) : 1);
|
||||
char* tempBuff = (char *)nsMemory::Alloc(length);
|
||||
PRUint32 nbytes = cUser.Length() + 1;
|
||||
if (iPass)
|
||||
nbytes += cPass.Length() + 1;
|
||||
char* tempBuff = (char *)nsMemory::Alloc(nbytes);
|
||||
if (!tempBuff)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
strcpy(tempBuff, cUser.GetBuffer());
|
||||
@ -71,7 +75,9 @@ nsBasicAuth::Authenticate(nsIURI* i_URI, const char *protocol,
|
||||
strcat(tempBuff, cPass.GetBuffer());
|
||||
}
|
||||
|
||||
char *base64Buff = PL_Base64Encode(tempBuff, length, nsnull);
|
||||
// <shaver> we use nbytes - 1 here to avoid encoding the trailing
|
||||
// NUL
|
||||
char *base64Buff = PL_Base64Encode(tempBuff, nbytes - 1, nsnull);
|
||||
if (!base64Buff) {
|
||||
nsMemory::Free(tempBuff);
|
||||
return NS_ERROR_FAILURE; // ??
|
||||
|
@ -19,6 +19,8 @@
|
||||
*
|
||||
* Contributor(s):
|
||||
* Pierre Phaneuf <pp@ludusdesign.com>
|
||||
* Mike Shaver <shaver@zeroknowledge.com>
|
||||
* Christopher Blizzard <blizzard@mozilla.org>
|
||||
*/
|
||||
|
||||
|
||||
@ -1793,9 +1795,16 @@ nsHTTPChannel::Authenticate(const char *iChallenge, PRBool iProxyAuth)
|
||||
#ifdef DEBUG_shaver
|
||||
fprintf(stderr, "Auth type: \"%s\"\n", authType.GetBuffer());
|
||||
#endif
|
||||
|
||||
// normalize to lowercase
|
||||
char *authLower = nsCRT::strdup(authType.GetBuffer());
|
||||
for (int i = 0; authLower[i]; i++)
|
||||
authLower[i] = tolower(authLower[i]);
|
||||
|
||||
nsCOMPtr<nsIAuthenticator> auth =
|
||||
do_GetServiceFromCategory("http-auth", authType, &rv);
|
||||
do_GetServiceFromCategory("http-auth", authLower, &rv);
|
||||
|
||||
nsMemory::Free(authLower); // free before checking rv
|
||||
|
||||
if (NS_FAILED(rv))
|
||||
// XXX report "Authentication-type not supported: %s"
|
||||
return NS_ERROR_FAILURE;
|
||||
|
Loading…
Reference in New Issue
Block a user