[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-merchant] branch master updated: include 'Bearer' in prefix and d
From: |
gnunet |
Subject: |
[taler-merchant] branch master updated: include 'Bearer' in prefix and document discussion with mnot |
Date: |
Tue, 02 Feb 2021 12:05:08 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository merchant.
The following commit(s) were added to refs/heads/master by this push:
new 0232c377 include 'Bearer' in prefix and document discussion with mnot
0232c377 is described below
commit 0232c377c39611f4c476ec9464356f0ae40497d9
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Feb 2 12:05:06 2021 +0100
include 'Bearer' in prefix and document discussion with mnot
---
src/backend/taler-merchant-httpd.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/src/backend/taler-merchant-httpd.c
b/src/backend/taler-merchant-httpd.c
index 85318ad9..f33d4346 100644
--- a/src/backend/taler-merchant-httpd.c
+++ b/src/backend/taler-merchant-httpd.c
@@ -66,6 +66,14 @@
#include "taler-merchant-httpd_statics.h"
#include "taler-merchant-httpd_templating.h"
+/**
+ * Required prefix for the authorization header as per RFC 8959.
+ * (Follows RFC 6750 albeit technically violates RFC 7235, but
+ * Mark Nottingham thinks this should be fixed by revising HTTP
+ * spec (https://github.com/httpwg/http-core/issues/733))
+ */
+#define RFC_8959_PREFIX "Bearer secret-token:"
+
/**
* Backlog for listen operation on unix-domain sockets.
*/
@@ -1523,15 +1531,16 @@ url_handler (void *cls,
if (NULL != auth)
{
if (0 != strncasecmp (auth,
- "secret-token:",
- strlen ("secret-token:")))
+ RFC_8959_PREFIX,
+ strlen (RFC_8959_PREFIX)))
{
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_UNAUTHORIZED,
TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "'secret-token:' prefix missing in
'Authorization' header");
+ "'" RFC_8959_PREFIX
+ "' prefix missing in
'Authorization' header");
}
- auth += strlen ("secret-token:");
+ auth += strlen (RFC_8959_PREFIX);
}
if (NULL == hc->instance)
{
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-merchant] branch master updated: include 'Bearer' in prefix and document discussion with mnot,
gnunet <=