iilyak commented on a change in pull request #3637:
URL: https://github.com/apache/couchdb/pull/3637#discussion_r656982528
##########
File path: src/couch/src/couch_httpd_auth.erl
##########
@@ -71,22 +71,39 @@ special_test_authentication_handler(Req) ->
basic_name_pw(Req) ->
AuthorizationHeader = header_value(Req, "Authorization"),
case AuthorizationHeader of
- "Basic " ++ Base64Value ->
- try re:split(base64:decode(Base64Value), ":",
- [{return, list}, {parts, 2}]) of
- ["_", "_"] ->
- % special name and pass to be logged out
+ % undefined is sent during startup process
+ undefined ->
nil;
- [User, Pass] ->
- {User, Pass};
_ ->
- nil
- catch
- error:function_clause ->
- throw({bad_request, "Authorization header has invalid base64
value"})
- end;
- _ ->
- nil
+ try string:split(AuthorizationHeader, " ") of
+ [Basic, Base64Value] ->
+ BasicLower = string:casefold(Basic),
+ AuthorizationHeader1 = BasicLower ++ " " ++ Base64Value,
+ case AuthorizationHeader1 of
+ "basic " ++ Base64Value ->
Review comment:
I think comparing `BasicLower` is simpler. Something like the following
would do:
```
case string:casefold(Basic) of
"basic" ->
try re:split(base64:decode(Base64Value), ":",
[{return, list}, {parts, 2}]) of
...
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
