Be less tolerant when parsing the credencial for Basic authorization. Only... (057de2d3) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

Commit 057de2d3 authored Dec 04, 2017 by

Christophe Jaillet

Be less tolerant when parsing the credencial for Basic authorization. Only...

Be less tolerant when parsing the credencial for Basic authorization. Only spaces should be accepted after the authorization scheme. \t are also tolerated.

The current code accepts \v and \f as well.

The same behavior is already used in 'ap_get_basic_auth_pw()' which is mostly the same function as 'get_basic_auth()'.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1817131 13f79535-47bb-0310-9956-ffa450edef68

parent bd6744df

Hide whitespace changes

Inline Side-by-side

Please register or to comment