Quoted-string Basic realm ctx according to rfc7235

Hi, I faced some problems with 401 message and an Android client. It yelded because in the WWW-Authenticate header the Basic ream=<ctx> wasn't surrouned by "" In the https://tools.ietf.org/html/rfc7235 it is written that - Authentication parameters are name=value pairs - and "auth-param = token BWS "=" BWS ( token / quoted-string )" - and "For historical reasons, a sender MUST only generate the quoted-string syntax. Recipients might have to support both token and quoted-string syntax for maximum interoperability with existing clients that have been accepting both notations for a long time." After my modification, the Android worked again (and iOs and PC clients faicing the 401 still worked ;) ) BR, Arfy
2016-11-03 11:00:33 +01:00 · 2016-11-03 11:00:33 +01:00 · 64bb271b2e
parent 9f7537ef34
commit 64bb271b2e
1 changed files with 2 additions and 2 deletions
--- a/nginx-ldap-auth-daemon.py
+++ b/nginx-ldap-auth-daemon.py
@ -61,7 +61,7 @@ class AuthHandler(BaseHTTPRequestHandler):
        if auth_header is None or not auth_header.lower().startswith('basic '):

            self.send_response(401)
-            self.send_header('WWW-Authenticate', 'Basic realm=' + ctx['realm'])
+            self.send_header('WWW-Authenticate', 'Basic realm="' + ctx['realm'] + '"')
            self.send_header('Cache-Control', 'no-cache')
            self.end_headers()

@ -115,7 +115,7 @@ class AuthHandler(BaseHTTPRequestHandler):

        self.log_error(msg)
        self.send_response(401)
-        self.send_header('WWW-Authenticate', 'Basic realm=' + ctx['realm'])
+        self.send_header('WWW-Authenticate', 'Basic realm="' + ctx['realm'] + '"')
        self.send_header('Cache-Control', 'no-cache')
        self.end_headers()