0
@@ -1,3 +1,11 @@
0
+* SVN *
0
+
0
+* Fix nil authorization header bug.
0
+
0
+* fix bug preventing plain html filter
0
+
0
+* Fix akismet response issue
0
+
0
 * 0.7.2 OFFICIAL *
0
 
0
 * Allow safe fallback for bad Site#current_theme_path settings.

0
@@ -81,7 +81,8 @@ module AuthenticatedSystem
0
     @@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION Authorization)
0
     # gets BASIC auth info
0
     def get_auth_data
0
-      authdata = request.env[@@http_auth_headers.detect { |h| request.env.has_key?(h) }].to_s.split
0
-      return authdata[0] == 'Basic' ? Base64.decode64(authdata[1]).split(':')[0..1] : ['', ''] 
0
+      auth_key  = @@http_auth_headers.detect { |h| request.env.has_key?(h) }
0
+      auth_data = request.env[auth_key].to_s.split unless auth_key.blank?
0
+      return auth_data && auth_data[0] == 'Basic' ? Base64.decode64(auth_data[1]).split(':')[0..1] : [nil, nil] 
0
     end
0
 end

0
@@ -54,4 +54,9 @@ class ApplicationControllerTest < Test::Unit::TestCase
0
     get :test_host
0
     assert_equal @uk, @controller.site
0
   end
0
+  
0
+  def test_should_return_nil_user_from_invalid_http_auth_data
0
+    get :test_host
0
+    @controller.send(:get_auth_data).each { |value| assert_nil value }
0
+  end
0
 end