Browse Source

[mod_auth] send charset="UTF-8" in WWW-Authenticate (fixes #1468)

https://tools.ietf.org/html/rfc7616 and
https://tools.ietf.org/html/rfc7617 (September 2015)
update Digest and Basic auth to allow server to recommend charset
which should be used by client.

http://stackoverflow.com/questions/702629/utf-8-characters-mangled-in-http-basic-auth-username

x-ref:
  "LDAP UTF-8 encoding"
  https://redmine.lighttpd.net/issues/1468
personal/stbuehler/mod-csrf-old
Glenn Strauss 6 years ago
parent
commit
4b412797b8
  1. 1
      NEWS
  2. 4
      src/mod_auth.c

1
NEWS

@ -64,6 +64,7 @@ NEWS
* [core] clean up srv before exiting for lighttpd -[vVh]
* [mod_fastcgi,mod_scgi] check for spawning on same unix socket (fixes #319)
* [mod_cgi] always set QUERY_STRING (fixes #1339)
* [mod_auth] send charset="UTF-8" in WWW-Authenticate (fixes #1468)
- 1.4.39 - 2016-01-02
* [core] fix memset_s call (fixes #2698)

4
src/mod_auth.c

@ -298,7 +298,7 @@ static handler_t mod_auth_uri_handler(server *srv, connection *con, void *p_d) {
if (0 == strcmp(method->value->ptr, "basic")) {
buffer_copy_string_len(p->tmp_buf, CONST_STR_LEN("Basic realm=\""));
buffer_append_string_buffer(p->tmp_buf, realm->value);
buffer_append_string_len(p->tmp_buf, CONST_STR_LEN("\""));
buffer_append_string_len(p->tmp_buf, CONST_STR_LEN("\", charset=\"UTF-8\""));
response_header_insert(srv, con, CONST_STR_LEN("WWW-Authenticate"), CONST_BUF_LEN(p->tmp_buf));
} else if (0 == strcmp(method->value->ptr, "digest")) {
@ -307,7 +307,7 @@ static handler_t mod_auth_uri_handler(server *srv, connection *con, void *p_d) {
buffer_copy_string_len(p->tmp_buf, CONST_STR_LEN("Digest realm=\""));
buffer_append_string_buffer(p->tmp_buf, realm->value);
buffer_append_string_len(p->tmp_buf, CONST_STR_LEN("\", nonce=\""));
buffer_append_string_len(p->tmp_buf, CONST_STR_LEN("\", charset=\"UTF-8\", nonce=\""));
buffer_append_string(p->tmp_buf, hh);
buffer_append_string_len(p->tmp_buf, CONST_STR_LEN("\", qop=\"auth\""));

Loading…
Cancel
Save