Fix rare conflict of HTTP-Basic auth and cookies.

Fix #946
Alexey Sokolov
2015-04-16 01:21:57 +01:00
parent c7b2aea7da
commit eedcd4c4de
+9 -1
@@ -122,7 +122,7 @@ void CHTTPSock::ReadLine(const CString& sData) {
sLine.Token(2).Base64Decode(sUnhashed);
m_sUser = sUnhashed.Token(0, false, ":");
m_sPass = sUnhashed.Token(1, true, ":");
m_bLoggedIn = OnLogin(m_sUser, m_sPass, true);
// Postpone authorization attempt until end of headers, because cookies should be read before that, otherwise session id will be overwritten in GetSession()
} else if (sName.Equals("Content-Length:")) {
m_uPostLen = sLine.Token(1).ToULong();
if (m_uPostLen > MAX_POST_SIZE)
@@ -170,6 +170,14 @@ void CHTTPSock::ReadLine(const CString& sData) {
} else if (sLine.empty()) {
m_bGotHeader = true;
if (!m_sUser.empty()) {
m_bLoggedIn = OnLogin(m_sUser, m_sPass, true);
if (!m_bLoggedIn) {
// Error message already was sent
return;
}
}
if (m_bPost) {
m_sPostData = GetInternalReadBuffer();
CheckPost();
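Review bot: The `if (!m_sUser.empty())` gate in the end-of-headers branch decides whether to attempt a login from the parsed username, so an Authorization header whose decoded value has an empty user part, or does not decode at all, is now handled like a request that sent no credentials. The `OnLogin` call in the header branch, which this commit appears to replace with the "Postpone authorization" comment, would have rejected such a request. If `OnLogin` is also where failed attempts are logged or counted, these requests skip that too. Setting a new boolean member in the Authorization branch to record that the header was seen, and testing that member here instead of the username, would keep the earlier rejection behaviour. `ReadLine` starts and ends outside both hunks, so how the rest of the function treats the unauthenticated case cannot be confirmed from this page.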