Please sign in to comment.
MD5 Digest auth: fail if authenticator returns nil
Fixes the authenticator API to deny access if nil is returned from the authenticator block. Without this patch, the nil gets to_s'd to "" and an empty password would be accepted. Backported to rack-1.1. Signed-off-by: Christian Neukirchen <firstname.lastname@example.org>
- Loading branch information...
Showing with 8 additions and 1 deletion.