Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge pull request #293 from 2shortplanks/master

make "Basic" detection insensitive as per RFC2617
  • Loading branch information...
commit 6f3cb0cb3ad8f204b35804e3a40f9504d9295088 2 parents d99efef + 8105487
Tatsuhiko Miyagawa miyagawa authored
Showing with 3 additions and 1 deletion.
  1. +3 −1 lib/Plack/Middleware/Auth/Basic.pm
4 lib/Plack/Middleware/Auth/Basic.pm
View
@@ -22,7 +22,9 @@ sub call {
my $auth = $env->{HTTP_AUTHORIZATION}
or return $self->unauthorized;
- if ($auth =~ /^Basic (.*)$/) {
+ # note the 'i' on the regex, as, accoring to RFC2617 this is a
+ # "case-insensitive token to identify the authentication scheme"
+ if ($auth =~ /^Basic (.*)$/i) {
my($user, $pass) = split /:/, (MIME::Base64::decode($1) || ":");
$pass = '' unless defined $pass;
if ($self->authenticator->($user, $pass, $env)) {
Please sign in to comment.
Something went wrong with that request. Please try again.