rpc: Add WWW-Authenticate header to 401 response #7472

Merged
merged 1 commit into from Feb 9, 2016

Conversation

Projects
None yet
4 participants
@laanwj
Member

laanwj commented Feb 5, 2016

A WWW-Authenticate header must be present in the 401 response to make clients know that they can authenticate, and how.

WWW-Authenticate: Basic realm="jsonrpc"

Should fix #7462.

@jlopp

This comment has been minimized.

Show comment
Hide comment
@jlopp

jlopp Feb 5, 2016

Contributor

👍 fixes Java's Authenticator as I reported in #7462

Contributor

jlopp commented Feb 5, 2016

👍 fixes Java's Authenticator as I reported in #7462

@MarcoFalke

View changes

src/httprpc.cpp
@@ -21,6 +21,9 @@
#include <boost/algorithm/string.hpp> // boost::trim
#include <boost/foreach.hpp> //BOOST_FOREACH
+/** WWW-Authenticate to present with 401 Unauthorized response */
+static const char *WWW_AUTH_HEADER_DATA = "Basic realm=\"jsonrpc\"";

This comment has been minimized.

@MarcoFalke

MarcoFalke Feb 5, 2016

Member

Nit:

diff --git a/src/httprpc.cpp b/src/httprpc.cpp
index 5d54d8f..a447a3e 100644
--- a/src/httprpc.cpp
+++ b/src/httprpc.cpp
@@ -25 +25 @@
-static const char *WWW_AUTH_HEADER_DATA = "Basic realm=\"jsonrpc\"";
+static const char* WWW_AUTH_HEADER_DATA = "Basic realm=\"jsonrpc\"";
@@ -157 +157 @@ static bool HTTPReq_JSONRPC(HTTPRequest* req, const std::string &)
-        req->WriteHeader("WWW-Authenticate",WWW_AUTH_HEADER_DATA);
+        req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA);
@@ -170 +170 @@ static bool HTTPReq_JSONRPC(HTTPRequest* req, const std::string &)
-        req->WriteHeader("WWW-Authenticate",WWW_AUTH_HEADER_DATA);
+        req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA);
@MarcoFalke

MarcoFalke Feb 5, 2016

Member

Nit:

diff --git a/src/httprpc.cpp b/src/httprpc.cpp
index 5d54d8f..a447a3e 100644
--- a/src/httprpc.cpp
+++ b/src/httprpc.cpp
@@ -25 +25 @@
-static const char *WWW_AUTH_HEADER_DATA = "Basic realm=\"jsonrpc\"";
+static const char* WWW_AUTH_HEADER_DATA = "Basic realm=\"jsonrpc\"";
@@ -157 +157 @@ static bool HTTPReq_JSONRPC(HTTPRequest* req, const std::string &)
-        req->WriteHeader("WWW-Authenticate",WWW_AUTH_HEADER_DATA);
+        req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA);
@@ -170 +170 @@ static bool HTTPReq_JSONRPC(HTTPRequest* req, const std::string &)
-        req->WriteHeader("WWW-Authenticate",WWW_AUTH_HEADER_DATA);
+        req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA);
@MarcoFalke

This comment has been minimized.

Show comment
Hide comment
@MarcoFalke

MarcoFalke Feb 5, 2016

Member

Concept ACK 5bac0a9

Member

MarcoFalke commented Feb 5, 2016

Concept ACK 5bac0a9

rpc: Add WWW-Authenticate header to 401 response
A WWW-Authenticate header must be present in the 401
response to make clients know that they can authenticate,
and how.

    WWW-Authenticate: Basic realm="jsonrpc"

Fixes #7462.
@paveljanik

This comment has been minimized.

Show comment
Hide comment
Contributor

paveljanik commented Feb 9, 2016

@laanwj laanwj merged commit 7c06fbd into bitcoin:master Feb 9, 2016

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details

laanwj added a commit that referenced this pull request Feb 9, 2016

Merge #7472: rpc: Add WWW-Authenticate header to 401 response
7c06fbd rpc: Add WWW-Authenticate header to 401 response (Wladimir J. van der Laan)

laanwj added a commit that referenced this pull request Feb 9, 2016

rpc: Add WWW-Authenticate header to 401 response
A WWW-Authenticate header must be present in the 401
response to make clients know that they can authenticate,
and how.

    WWW-Authenticate: Basic realm="jsonrpc"

Fixes #7462.

Github-Pull: #7472
Rebased-From: 7c06fbd
@laanwj

This comment has been minimized.

Show comment
Hide comment
@laanwj

laanwj Feb 10, 2016

Member

Cherry-picked to 0.12 as b2f2b85

Member

laanwj commented Feb 10, 2016

Cherry-picked to 0.12 as b2f2b85

@laanwj laanwj removed the Needs backport label Feb 10, 2016

zkbot added a commit to zcash/zcash that referenced this pull request Jul 25, 2017

Auto merge of #2529 - str4d:2444-rpc-www-authenticate, r=daira
[rpc] Add WWW-Authenticate header to 401 response

Fix cherry-picked from upstream PR bitcoin/bitcoin#7472.

Closes #2444.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment