You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36 lines
1.2 KiB
36 lines
1.2 KiB
From 13c2dc126d8bb4c57273178fc455dab6f02e1efc Mon Sep 17 00:00:00 2001
|
|
From: Alexey Sokolov <alexey+znc@asokolov.org>
|
|
Date: Thu, 16 Apr 2015 01:21:57 +0100
|
|
Subject: [PATCH] Fix rare conflict of HTTP-Basic auth and cookies.
|
|
|
|
Fix #946
|
|
---
|
|
src/HTTPSock.cpp | 10 +++++++++-
|
|
1 file changed, 9 insertions(+), 1 deletion(-)
|
|
|
|
--- a/src/HTTPSock.cpp
|
|
+++ b/src/HTTPSock.cpp
|
|
@@ -122,7 +122,7 @@ void CHTTPSock::ReadLine(const CString&
|
|
sLine.Token(2).Base64Decode(sUnhashed);
|
|
m_sUser = sUnhashed.Token(0, false, ":");
|
|
m_sPass = sUnhashed.Token(1, true, ":");
|
|
- m_bLoggedIn = OnLogin(m_sUser, m_sPass, true);
|
|
+ // Postpone authorization attempt until end of headers, because cookies should be read before that, otherwise session id will be overwritten in GetSession()
|
|
} else if (sName.Equals("Content-Length:")) {
|
|
m_uPostLen = sLine.Token(1).ToULong();
|
|
if (m_uPostLen > MAX_POST_SIZE)
|
|
@@ -170,6 +170,14 @@ void CHTTPSock::ReadLine(const CString&
|
|
} else if (sLine.empty()) {
|
|
m_bGotHeader = true;
|
|
|
|
+ if (!m_sUser.empty()) {
|
|
+ m_bLoggedIn = OnLogin(m_sUser, m_sPass, true);
|
|
+ if (!m_bLoggedIn) {
|
|
+ // Error message already was sent
|
|
+ return;
|
|
+ }
|
|
+ }
|
|
+
|
|
if (m_bPost) {
|
|
m_sPostData = GetInternalReadBuffer();
|
|
CheckPost();
|