[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] master 64b469f 3/3: Don't infloop in url.el when sending i
From: |
Lars Ingebrigtsen |
Subject: |
[Emacs-diffs] master 64b469f 3/3: Don't infloop in url.el when sending invalid basic auth |
Date: |
Fri, 26 Jul 2019 04:56:08 -0400 (EDT) |
branch: master
commit 64b469f6ae8173116ec948ac43cd44efe4b5a221
Author: Lars Ingebrigtsen <address@hidden>
Commit: Lars Ingebrigtsen <address@hidden>
Don't infloop in url.el when sending invalid basic auth
* lisp/url/url-http.el (url-http-handle-authentication): Bail out
if the wrong credentials were passed to the server instead of
inflooping (bug#27022).
---
lisp/url/url-http.el | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/lisp/url/url-http.el b/lisp/url/url-http.el
index 5277601..f7f2f3d 100644
--- a/lisp/url/url-http.el
+++ b/lisp/url/url-http.el
@@ -453,6 +453,14 @@ Return the number of characters removed."
auth
(strength 0))
+ ;; If we're here, then we got a 40x Unauthorized response from the
+ ;; server. If we already have "Authorization" in the extra
+ ;; headers, then this means that we've already tried sending
+ ;; credentials to the server, and they were wrong, so just give
+ ;; up.
+ (when (assoc "Authorization" url-http-extra-headers)
+ (error "Wrong authorization used for %s" url))
+
;; find strongest supported auth
(dolist (this-auth auths)
(setq this-auth (url-eat-trailing-space