emacs-diffs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Emacs-diffs] master 64b469f 3/3: Don't infloop in url.el when sending i


From: Lars Ingebrigtsen
Subject: [Emacs-diffs] master 64b469f 3/3: Don't infloop in url.el when sending invalid basic auth
Date: Fri, 26 Jul 2019 04:56:08 -0400 (EDT)

branch: master
commit 64b469f6ae8173116ec948ac43cd44efe4b5a221
Author: Lars Ingebrigtsen <address@hidden>
Commit: Lars Ingebrigtsen <address@hidden>

    Don't infloop in url.el when sending invalid basic auth
    
    * lisp/url/url-http.el (url-http-handle-authentication): Bail out
    if the wrong credentials were passed to the server instead of
    inflooping (bug#27022).
---
 lisp/url/url-http.el | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/lisp/url/url-http.el b/lisp/url/url-http.el
index 5277601..f7f2f3d 100644
--- a/lisp/url/url-http.el
+++ b/lisp/url/url-http.el
@@ -453,6 +453,14 @@ Return the number of characters removed."
        auth
        (strength 0))
 
+    ;; If we're here, then we got a 40x Unauthorized response from the
+    ;; server.  If we already have "Authorization" in the extra
+    ;; headers, then this means that we've already tried sending
+    ;; credentials to the server, and they were wrong, so just give
+    ;; up.
+    (when (assoc "Authorization" url-http-extra-headers)
+      (error "Wrong authorization used for %s" url))
+
     ;; find strongest supported auth
     (dolist (this-auth auths)
       (setq this-auth (url-eat-trailing-space



reply via email to

[Prev in Thread] Current Thread [Next in Thread]