Artifact 9fdac5818bcf86f547ddad54dea1db99e5a28e59:

Ticket change [9fdac5818b] - New ticket [da3fef0b21] Bug in http.c: missing \r for Proxy-Authorization header. by anonymous 2011-05-13 13:59:08.

---

D 2011-05-13T13:59:08.830
J comment Easiest\sto\sshow\sthe\sbug\sby\sjust\sshowing\sthe\spatch:\r\n\r\n<nowiki><pre>\r\n---\ssrc/http.c\r\n+++\ssrc/http.c\r\n@@\s-100,11\s+100,11\s@@\r\n\s\s\s}else{\r\n\s\s\s\s\szSep\s=\s"/";\r\n\s\s\s}\r\n\s\s\sblob_appendf(pHdr,\s"POST\s%s%sxfer/xfer\sHTTP/1.0\\r\\n",\sg.urlPath,\szSep);\r\n\s\s\sif(\sg.urlProxyAuth\s){\r\n-\s\s\s\sblob_appendf(pHdr,\s"Proxy-Authorization:\s%s\\n",\sg.urlProxyAuth);\r\n+\s\s\s\sblob_appendf(pHdr,\s"Proxy-Authorization:\s%s\\r\\n",\sg.urlProxyAuth);\r\n\s\s\s}\r\n\s\s\sif(\sg.urlPasswd\s&&\sg.urlUser\s&&\sg.urlPasswd[0]=='#'\s){\r\n\s\s\s\s\schar\s*zCredentials\s=\smprintf("%s:%s",\sg.urlUser,\s&g.urlPasswd[1]);\r\n\s\s\s\s\schar\s*zEncoded\s=\sencode64(zCredentials,\s-1);\r\n\s\s\s\s\sblob_appendf(pHdr,\s"Authorization:\sBasic\s%s\\r\\n",\szEncoded);\r\n</pre></nowiki>\r\n\r\nAll\sHTTP\sheaders\sshould\sbe\sterminated\sby\sa\sCRLF\scombination,\snot\sjust\san\sLF.\s\sWithout\sthe\sproper\stermination,\ssome\sservers\smay\sreject\sthe\sheader.
J foundin 2011-05-12\s14:56:52\sd8221b98636b76cfd99cb6ccce0e24f5baaafe51
J severity Minor
J status Open
J title Bug\sin\shttp.c:\smissing\s\\r\sfor\sProxy-Authorization\sheader
J type Code_Defect
K da3fef0b21c37d7e4aa611ec08076fe8af2eee35
U anonymous
Z 368dbd9f5424522be39680cda1862177