Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HttpAuthenticator should ignore case when parsing RFC 2617 auth parameter realm #342

Closed
efung opened this issue Oct 28, 2013 · 2 comments
Closed

HttpAuthenticator should ignore case when parsing RFC 2617 auth parameter realm #342

efung opened this issue Oct 28, 2013 · 2 comments

Comments

@efung
Copy link

efung commented Oct 28, 2013

RFC 2617 Section 1.2 (http://tools.ietf.org/html/rfc2617#section-1.2) says that the realm directive should be parsed without caring about case. However, in L141 of HttpAuthenticator.java:

        if (!value.regionMatches(pos, "realm=\"", 0, "realm=\"".length())) {

which is case-sensitive.

I am using OkHttp against a server which is responding with a header like:

WWW-Authenticate: Basic Realm="Acme API Authentication"
@swankjesse
Copy link
Member

Can fix.

@swankjesse
Copy link
Member

#345

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@swankjesse @efung