Commit b41805c0 authored by Jacob Vosmaer's avatar Jacob Vosmaer

Merge branch 'www-authenticate-case' into 'master'

Accomodate broken HTTP clients

HTTP header lookups are supposed to be case-insensitive but some
clients do a case insensitive lookup, which breaks because of Go's
header canonicalization.

See merge request !2
parents 6f561220 d91d0c63
...@@ -98,11 +98,16 @@ func (h *gitHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { ...@@ -98,11 +98,16 @@ func (h *gitHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
// The Git request is not allowed by the backend. Maybe the // The Git request is not allowed by the backend. Maybe the
// client needs to send HTTP Basic credentials. Forward the // client needs to send HTTP Basic credentials. Forward the
// response from the auth backend to our client. This includes // response from the auth backend to our client. This includes
// the 'WWW-Authentication' header that acts as a hint that // the 'WWW-Authenticate' header that acts as a hint that
// Basic auth credentials are needed. // Basic auth credentials are needed.
for k, v := range authResponse.Header { for k, v := range authResponse.Header {
// Accomodate broken clients that do case-sensitive header lookup
if k == "Www-Authenticate" {
w.Header()["WWW-Authenticate"] = v
} else {
w.Header()[k] = v w.Header()[k] = v
} }
}
w.WriteHeader(authResponse.StatusCode) w.WriteHeader(authResponse.StatusCode)
io.Copy(w, authResponse.Body) io.Copy(w, authResponse.Body)
return return
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment