noahshaw11 commented on a change in pull request #3637:
URL: https://github.com/apache/couchdb/pull/3637#discussion_r657191921
##########
File path: src/couch/src/couch_httpd_auth.erl
##########
@@ -71,22 +71,39 @@ special_test_authentication_handler(Req) ->
basic_name_pw(Req) ->
AuthorizationHeader = header_value(Req, "Authorization"),
case AuthorizationHeader of
- "Basic " ++ Base64Value ->
- try re:split(base64:decode(Base64Value), ":",
- [{return, list}, {parts, 2}]) of
- ["_", "_"] ->
- % special name and pass to be logged out
+ % undefined is sent during startup process
+ undefined ->
nil;
- [User, Pass] ->
- {User, Pass};
_ ->
- nil
- catch
- error:function_clause ->
- throw({bad_request, "Authorization header has invalid base64
value"})
- end;
- _ ->
- nil
+ try string:split(AuthorizationHeader, " ") of
+ [Basic, Base64Value] ->
+ BasicLower = string:casefold(Basic),
+ AuthorizationHeader1 = BasicLower ++ " " ++ Base64Value,
+ case AuthorizationHeader1 of
+ "basic " ++ Base64Value ->
Review comment:
Agreed, comparing on `"basic " ++ Base64Value` was not needed. See
https://github.com/apache/couchdb/pull/3637/commits/a6c2028adf8f717b3a9ec97835388a456fb1ce03.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
