| Ticket UUID: | da3fef0b21c37d7e4aa611ec08076fe8af2eee35 | ||
| Title: | Bug in http.c: missing \r for Proxy-Authorization header | ||
| Status: | Fixed | Type: | Code_Defect |
| Severity: | Minor | Priority: | |
| Subsystem: | Resolution: | Fixed | |
| Last Modified: | 2011-05-13 14:01:36 | ||
| Version Found In: | 2011-05-12 14:56:52 d8221b98636b76cfd99cb6ccce0e24f5baaafe51 | ||
| Description & Comments: | |||
Easiest to show the bug by just showing the patch:
--- src/http.c
+++ src/http.c
@@ -100,11 +100,11 @@
}else{
zSep = "/";
}
blob_appendf(pHdr, "POST %s%sxfer/xfer HTTP/1.0\r\n", g.urlPath, zSep);
if( g.urlProxyAuth ){
- blob_appendf(pHdr, "Proxy-Authorization: %s\n", g.urlProxyAuth);
+ blob_appendf(pHdr, "Proxy-Authorization: %s\r\n", g.urlProxyAuth);
}
if( g.urlPasswd && g.urlUser && g.urlPasswd[0]=='#' ){
char *zCredentials = mprintf("%s:%s", g.urlUser, &g.urlPasswd[1]);
char *zEncoded = encode64(zCredentials, -1);
blob_appendf(pHdr, "Authorization: Basic %s\r\n", zEncoded);
All HTTP headers should be terminated by a CRLF combination, not just an LF. Without the proper termination, some servers may reject the header. | |||
View Ticket