github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Case sensitive Authorization header with lower-cased scheme in… (#6724)

pull/6423/head
Ferenc Fabian 5 years ago committed by Matt Keeler
parent
1812e31ab0
commit
c90e838495
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      agent/http.go

2
agent/http.go
Unescape View File

@ -892,7 +892,7 @@ func (s *HTTPServer) parseTokenInternal(req *http.Request, token *string) {
value := strings.TrimSpace(strings.Join(parts[1:], " "))
// <Scheme> must be "Bearer"
if scheme == "Bearer" {
if strings.ToLower(scheme) == "bearer" {
// Since Bearer tokens shouldnt contain spaces (rfc6750#section-2.1)
// "value" is tokenized, only the first item is used
tok = strings.TrimSpace(strings.Split(value, " ")[0])

Write Preview
Loading…
Cancel
Save