Overview
| Artifact ID: | 9fdac5818bcf86f547ddad54dea1db99e5a28e59 |
|---|---|
| Ticket: | da3fef0b21c37d7e4aa611ec08076fe8af2eee35
Bug in http.c: missing \r for Proxy-Authorization header |
| User & Date: | anonymous 2011-05-13 13:59:08 |
Changes
- comment changed to:
Easiest to show the bug by just showing the patch: <nowiki><pre> --- src/http.c +++ src/http.c @@ -100,11 +100,11 @@ }else{ zSep = "/"; } blob_appendf(pHdr, "POST %s%sxfer/xfer HTTP/1.0\r\n", g.urlPath, zSep); if( g.urlProxyAuth ){ - blob_appendf(pHdr, "Proxy-Authorization: %s\n", g.urlProxyAuth); + blob_appendf(pHdr, "Proxy-Authorization: %s\r\n", g.urlProxyAuth); } if( g.urlPasswd && g.urlUser && g.urlPasswd[0]=='#' ){ char *zCredentials = mprintf("%s:%s", g.urlUser, &g.urlPasswd[1]); char *zEncoded = encode64(zCredentials, -1); blob_appendf(pHdr, "Authorization: Basic %s\r\n", zEncoded); </pre></nowiki> All HTTP headers should be terminated by a CRLF combination, not just an LF. Without the proper termination, some servers may reject the header. - foundin changed to:
2011-05-12 14:56:52 d8221b98636b76cfd99cb6ccce0e24f5baaafe51
- severity changed to: "Minor"
- status changed to: "Open"
- title changed to:
Bug in http.c: missing \r for Proxy-Authorization header
- type changed to: "Code_Defect"