author | Christian Grothoff <christian@grothoff.org> | 2021-02-02 12:05:06 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2021-02-02 12:05:06 +0100 |
commit | 0232c377c39611f4c476ec9464356f0ae40497d9 (patch) | |
tree | a5cfc7a6b776981307234e4bef48a78b07d764a0 | |
parent | 25c0b949ab5a77cc6aafc442cecbcaca0c49b3f1 (diff) | |
include 'Bearer' in prefix and document discussion with mnot
-rw-r--r-- | src/backend/taler-merchant-httpd.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/src/backend/taler-merchant-httpd.c b/src/backend/taler-merchant-httpd.c
index 85318ad9..f33d4346 100644
--- a/src/backend/taler-merchant-httpd.c
+++ b/src/backend/taler-merchant-httpd.c
@@ -67,6 +67,14 @@
 #include "taler-merchant-httpd_templating.h"

 /**
+ * Required prefix for the authorization header as per RFC 8959.
+ * (Follows RFC 6750 albeit technically violates RFC 7235, but
+ * Mark Nottingham thinks this should be fixed by revising HTTP
+ * spec (https://github.com/httpwg/http-core/issues/733))
+ */
+#define RFC_8959_PREFIX "Bearer secret-token:"
+
+/**
 * Backlog for listen operation on unix-domain sockets.
 */
 #define UNIX_BACKLOG 500
@@ -1523,15 +1531,16 @@ url_handler (void *cls,
 if (NULL != auth)
 {
 if (0 != strncasecmp (auth,
- "secret-token:",
- strlen ("secret-token:")))
+ RFC_8959_PREFIX,
+ strlen (RFC_8959_PREFIX)))
 {
 return TALER_MHD_reply_with_error (connection,
 MHD_HTTP_UNAUTHORIZED,
 TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "'secret-token:' prefix missing in 'Authorization' header");
+ "'" RFC_8959_PREFIX
+ "' prefix missing in 'Authorization' header");
 }
- auth += strlen ("secret-token:");
+ auth += strlen (RFC_8959_PREFIX);
 }
 if (NULL == hc->instance)
 {  |
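Review bot: The macro name `RFC_8959_PREFIX` covers more than RFC 8959 defines, because the value also carries the RFC 6750 `Bearer` scheme and exactly one space. The comment should say which part comes from which RFC. It also says the form violates RFC 7235 without saying how; presumably the `:` is the problem, since it is outside the token68 character set, and a line such as `* (':' is not a valid token68 character, hence the RFC 7235 violation)` would make that checkable. The comment should also state that the prefix is matched case-insensitively in url_handler and that a header with any other whitespace after `Bearer` is rejected, so client authors know the exact accepted form.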
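Review bot: After `auth += strlen (RFC_8959_PREFIX);` nothing in the hunk rejects a header that consists of the prefix alone, so `auth` can reach the later credential check as an empty string. That check is outside the hunk (url_handler starts and ends outside it), so either confirm it treats an empty token as a failure or guard here with `if ('\0' == *auth)` followed by the same 401 reply. Separately, RFC 7235 section 3.1 requires a `WWW-Authenticate` challenge on a 401, and the visible lines do not show `TALER_MHD_reply_with_error` adding one. A comment on the return stating where the challenge is set (or that it is deliberately omitted) would settle that for the next reader.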