Re: [hackers] [quark][PATCH] Don't erase response on http_send_error_response

From: Laslo Hunhold <dev_AT_frign.de>
Date: Mon, 26 Oct 2020 12:35:17 +0100

On Mon, 26 Oct 2020 11:34:17 +0100
José Miguel Sánchez García <soy.jmi2k_AT_gmail.com> wrote:

Dear José,

> > I also don't see a reason for the constraints you mention. Just add
> > an array of group-auth-pairs to the server struct and also add a
> > group-auth-pair to the req-struct that you then fill when you parse
> > the request fields in http_parse_header(). Then later, in
> > http_prepare_header_buf(), you check if they match and either send
> > an error-header (access denied) or allow access.
> >
> > In case the auth-field is empty but the file requires a password,
> > you, in turn, send the desired header to ask for auth.
>
> You are absolutely right, and I just didn't see it when I was working
> on it. Sorry for wasting your time.

no problem! Sometimes it takes a few refactorings of an idea until it
is implemented the best way.

With best regards

Laslo
Received on Mon Oct 26 2020 - 12:35:17 CET

This archive was generated by hypermail 2.3.0 : Mon Oct 26 2020 - 12:48:32 CET