diff options
Diffstat (limited to '_build/static/archives/extend/2014-July/000414.html')
-rw-r--r-- | _build/static/archives/extend/2014-July/000414.html | 119 |
1 files changed, 119 insertions, 0 deletions
diff --git a/_build/static/archives/extend/2014-July/000414.html b/_build/static/archives/extend/2014-July/000414.html new file mode 100644 index 00000000..ff4a8266 --- /dev/null +++ b/_build/static/archives/extend/2014-July/000414.html @@ -0,0 +1,119 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<HTML> + <HEAD> + <TITLE> [99s-extend] HTTP Basic Auth base64 decode fails + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:extend%40lists.ninenines.eu?Subject=Re%3A%20%5B99s-extend%5D%20HTTP%20Basic%20Auth%20base64%20decode%20fails&In-Reply-To=%3CCA%2BdV7cRxf-uKJKx-xPhKcm6TXXKLc4H3OVOC2GVQy58V5nASzg%40mail.gmail.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <style type="text/css"> + pre { + white-space: pre-wrap; /* css-2.1, curent FF, Opera, Safari */ + } + </style> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="000413.html"> + <LINK REL="Next" HREF="000415.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[99s-extend] HTTP Basic Auth base64 decode fails</H1> + <B>Paulo F. Oliveira</B> + <A HREF="mailto:extend%40lists.ninenines.eu?Subject=Re%3A%20%5B99s-extend%5D%20HTTP%20Basic%20Auth%20base64%20decode%20fails&In-Reply-To=%3CCA%2BdV7cRxf-uKJKx-xPhKcm6TXXKLc4H3OVOC2GVQy58V5nASzg%40mail.gmail.com%3E" + TITLE="[99s-extend] HTTP Basic Auth base64 decode fails">paulo.ferraz.oliveira at gmail.com + </A><BR> + <I>Tue Jul 8 15:25:58 CEST 2014</I> + <P><UL> + <LI>Previous message: <A HREF="000413.html">[99s-extend] HTTP Basic Auth base64 decode fails +</A></li> + <LI>Next message: <A HREF="000415.html">[99s-extend] couldn't quit in Erlang 17.1 +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#414">[ date ]</a> + <a href="thread.html#414">[ thread ]</a> + <a href="subject.html#414">[ subject ]</a> + <a href="author.html#414">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>Great, thanks. + +I saw some changes "from 422 to 400" in recent versions (PUT and POST). +Thanks for the heads up. As long as they're document, no harm shall come of +these changes. + +In any case, if I see it happen very often live I'll "protect" it agains +the _bad_ header :-). + +Cheers. + +- Paulo F. Oliveira + + +On 8 July 2014 14:21, Loïc Hoguin <<A HREF="https://lists.ninenines.eu/listinfo/extend">essen at ninenines.eu</A>> wrote: + +><i> Parsing of any header may crash. Some may also return an error tuple, +</I>><i> though that behavior slowly changes and it will always crash in 2.0. So +</I>><i> just wrap the call around a try/catch if you need to handle the error. +</I>><i> +</I>><i> Note that at this exact moment I'm working on returning 400 instead of 500 +</I>><i> automatically when parsing headers end up crashing (and possibly other +</I>><i> situations later on). +</I>><i> +</I>><i> +</I>><i> On 07/08/2014 03:17 PM, Paulo F. Oliveira wrote: +</I>><i> +</I>>><i> Hello, y'all. +</I>>><i> +</I>>><i> I'm using HTTP Basic Auth in my API. While calling +</I>>><i> cowboy_req:parse_header(<<"authorization>>", ... with an _invalid_ +</I>>><i> Authorization header such as "Authorization: Basic Test1" I get an error +</I>>><i> 500 back and an error log message on the server. +</I>>><i> +</I>>><i> 1. Is this the expected behavior? [if I understand correctly, my request +</I>>><i> is going through authorization(UserPass, Type = <<"basic">>) and this +</I>>><i> has no check for the string being correctly encoded] +</I>>><i> +</I>>><i> 2. what would be the best way to guard against this "error"? +</I>>><i> +</I>>><i> Thanks. +</I>>><i> +</I>>><i> - Paulo F. Oliveira +</I>>><i> +</I>>><i> +</I>>><i> _______________________________________________ +</I>>><i> Extend mailing list +</I>>><i> <A HREF="https://lists.ninenines.eu/listinfo/extend">Extend at lists.ninenines.eu</A> +</I>>><i> <A HREF="https://lists.ninenines.eu/listinfo/extend">https://lists.ninenines.eu/listinfo/extend</A> +</I>>><i> +</I>>><i> +</I>><i> -- +</I>><i> Loïc Hoguin +</I>><i> <A HREF="http://ninenines.eu">http://ninenines.eu</A> +</I>><i> +</I>-------------- next part -------------- +An HTML attachment was scrubbed... +URL: <<A HREF="http://lists.ninenines.eu/archives/extend/attachments/20140708/497ef9a1/attachment.html">http://lists.ninenines.eu/archives/extend/attachments/20140708/497ef9a1/attachment.html</A>> +</PRE> + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="000413.html">[99s-extend] HTTP Basic Auth base64 decode fails +</A></li> + <LI>Next message: <A HREF="000415.html">[99s-extend] couldn't quit in Erlang 17.1 +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#414">[ date ]</a> + <a href="thread.html#414">[ thread ]</a> + <a href="subject.html#414">[ subject ]</a> + <a href="author.html#414">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://lists.ninenines.eu/listinfo/extend">More information about the Extend +mailing list</a><br> +</body></html> |