[taler-merchant] branch master updated: include 'Bearer' in prefix and d

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-merchant] branch master updated: include 'Bearer' in prefix and d

From:	gnunet
Subject:	[taler-merchant] branch master updated: include 'Bearer' in prefix and document discussion with mnot
Date:	Tue, 02 Feb 2021 12:05:08 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository merchant.

The following commit(s) were added to refs/heads/master by this push:
     new 0232c377 include 'Bearer' in prefix and document discussion with mnot
0232c377 is described below

commit 0232c377c39611f4c476ec9464356f0ae40497d9
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Feb 2 12:05:06 2021 +0100

    include 'Bearer' in prefix and document discussion with mnot
---
 src/backend/taler-merchant-httpd.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/src/backend/taler-merchant-httpd.c 
b/src/backend/taler-merchant-httpd.c
index 85318ad9..f33d4346 100644
--- a/src/backend/taler-merchant-httpd.c
+++ b/src/backend/taler-merchant-httpd.c
@@ -66,6 +66,14 @@
 #include "taler-merchant-httpd_statics.h"
 #include "taler-merchant-httpd_templating.h"
 
+/**
+ * Required prefix for the authorization header as per RFC 8959.
+ * (Follows RFC 6750 albeit technically violates RFC 7235, but
+ *  Mark Nottingham thinks this should be fixed by revising HTTP
+ *  spec (https://github.com/httpwg/http-core/issues/733))
+ */
+#define RFC_8959_PREFIX "Bearer secret-token:"
+
 /**
  * Backlog for listen operation on unix-domain sockets.
  */
@@ -1523,15 +1531,16 @@ url_handler (void *cls,
     if (NULL != auth)
     {
       if (0 != strncasecmp (auth,
-                            "secret-token:",
-                            strlen ("secret-token:")))
+                            RFC_8959_PREFIX,
+                            strlen (RFC_8959_PREFIX)))
       {
         return TALER_MHD_reply_with_error (connection,
                                            MHD_HTTP_UNAUTHORIZED,
                                            
TALER_EC_GENERIC_PARAMETER_MALFORMED,
-                                           "'secret-token:' prefix missing in 
'Authorization' header");
+                                           "'" RFC_8959_PREFIX
+                                           "' prefix missing in 
'Authorization' header");
       }
-      auth += strlen ("secret-token:");
+      auth += strlen (RFC_8959_PREFIX);
     }
     if (NULL == hc->instance)
     {

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[taler-merchant] branch master updated: include 'Bearer' in prefix and document discussion with mnot, gnunet <=

Prev by Date: [taler-wallet-core] 01/02: 0006728: set up wallet CI pipeline for WebExtension build
Next by Date: [taler-merchant] branch master updated: extend client and testing libs to support setting authentication tokens (#6731)
Previous by thread: [taler-wallet-core] branch master updated (69aaaefc -> ea025971)
Next by thread: [taler-merchant] branch master updated: extend client and testing libs to support setting authentication tokens (#6731)
Index(es):
- Date
- Thread