New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow custom authorization headers #13327

Closed
wants to merge 2 commits into
base: 3.3.x
from

Conversation

Projects
None yet
2 participants
@sui77

sui77 commented Mar 19, 2018

  • Type: bug fix

In raising this pull request, I confirm the following (please check boxes):

  • I have read and understood the Contributing Guidelines?
  • I have checked that another pull request for this purpose does not exist.
  • I wrote some tests for this PR.
  • Didn't even test it. I have no intention to go that deep into phalcon development and just want to share this tiny fix.

Small description of change:

I found this when unsuccessfully trying to access a custom SHA256 authorization header. The request object drops any auth header that does not follow "basic", "digest" or "bearer" scheme.

Not sure if this fix it will break any phalcon authentication magic but I'd say any authorization header
should be at least passed through.

sergeyklay and others added some commits Mar 6, 2018

Allow custom authorization headers
Is there any reason to drop any auth header except basic, digest and bearer?

@sui77 sui77 referenced this pull request Mar 19, 2018

Closed

Allow custom authorization headers #13323

1 of 4 tasks complete

@sergeyklay sergeyklay added this to the 3.4.x milestone Mar 24, 2018

@sergeyklay sergeyklay referenced this pull request Mar 25, 2018

Merged

Added the ability to listen authorization events #13331

3 of 3 tasks complete
@sergeyklay

This comment has been minimized.

Member

sergeyklay commented Mar 25, 2018

Closing in favor of #13331.
Thank you for the report, and for helping us make Phalcon better.

@sergeyklay sergeyklay closed this Mar 25, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment