diff options
author | Loïc Hoguin <[email protected]> | 2013-02-06 19:16:06 +0100 |
---|---|---|
committer | Loïc Hoguin <[email protected]> | 2013-02-06 19:16:06 +0100 |
commit | 1c5ce11d13e7144091ce9a983ed0be6fbdb95c45 (patch) | |
tree | 91f73f06b5360abaab2d34c5ff0c4a89c61eb42b /src | |
parent | ecb234693c82553261738c28f883b327a2d586e1 (diff) | |
download | cowboy-1c5ce11d13e7144091ce9a983ed0be6fbdb95c45.tar.gz cowboy-1c5ce11d13e7144091ce9a983ed0be6fbdb95c45.tar.bz2 cowboy-1c5ce11d13e7144091ce9a983ed0be6fbdb95c45.zip |
Strip whitespaces when authorization type is unknown
Diffstat (limited to 'src')
-rw-r--r-- | src/cowboy_http.erl | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/cowboy_http.erl b/src/cowboy_http.erl index a78e090..f3ff687 100644 --- a/src/cowboy_http.erl +++ b/src/cowboy_http.erl @@ -817,7 +817,7 @@ authorization(UserPass, Type = <<"basic">>) -> end) end); authorization(String, Type) -> - {Type, String}. + cowboy_http:whitespace(String, fun(Rest) -> {Type, Rest} end). %% @doc Parse user credentials. -spec authorization_basic_userid(binary(), fun()) -> any(). @@ -1347,9 +1347,11 @@ http_authorization_test_() -> ?_assertEqual({error, badarg}, authorization(<<"dXNlcm5hbWUK">>, <<"basic">>)), ?_assertEqual({error, badarg}, - authorization(<<"_[]@#$%^&*()-AA==">>, <<"basic">>)), + authorization(<<"_[]@#$%^&*()-AA==">>, <<"basic">>)), ?_assertEqual({error, badarg}, - authorization(<<"dXNlcjpwYXNzCA==">>, <<"basic">>)) %% user:pass\010 + authorization(<<"dXNlcjpwYXNzCA==">>, <<"basic">>)), %% user:pass\010 + ?_assertEqual({<<"bearer">>,<<"some_secret_key">>}, + authorization(<<" some_secret_key">>, <<"bearer">>)) ]. -endif. |