From 98e37dd547aec9fd7d52307d37440ec22303ee57 Mon Sep 17 00:00:00 2001 From: psychon Date: Mon, 14 Sep 2009 17:23:40 +0000 Subject: [PATCH] Webadmin: Don't include the ZNC version in the basic auth realm If you save a password in your browser that password is bound to the "realm" of the authentication. Since ZNC included its version number in this, all your saved passwords were rendered useless on upgrade. Avoid this by not including the version number in the HTTP authentication realm. Thanks to tylerdu for reporting this. git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1627 726aef4b-f618-498e-8847-2d620e286838 --- HTTPSock.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/HTTPSock.cpp b/HTTPSock.cpp index 5d00fdf6..32bc3981 100644 --- a/HTTPSock.cpp +++ b/HTTPSock.cpp @@ -360,7 +360,7 @@ bool CHTTPSock::ForceLogin() { } CString sPage = GetErrorPage(401, "Unauthorized", "You need to login to view this page."); - AddHeader("WWW-Authenticate", "Basic realm=\"" + CZNC::GetTag() + "\""); + AddHeader("WWW-Authenticate", "Basic realm=\"" + CZNC::GetTag(false) + "\""); PrintHeader(sPage.length(), "text/html", 401, "Unauthorized"); Write(sPage); Close(Csock::CLT_AFTERWRITE);