Chromium Code Reviews Chromium Code Reviews
Issue 6525035:
Invalidate credentials if the server rejects them. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: net/http/http_auth_handler_digest.cc |
| diff --git a/net/http/http_auth_handler_digest.cc b/net/http/http_auth_handler_digest.cc |
| index e8cb819cef70ec390e5aebc5a3fefd7187d9eeb9..64f68d88623ff4af7b15bcbec52d86b48e217cd4 100644 |
| --- a/net/http/http_auth_handler_digest.cc |
| +++ b/net/http/http_auth_handler_digest.cc |
| @@ -114,16 +114,20 @@ HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( |
| return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
| HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); |
| + std::string realm; |
| - // Try to find the "stale" value. |
| + // Try to find the "stale" value, and also keep track of the realm |
| + // for the new challenge. |
| while (parameters.GetNext()) { |
| - if (!LowerCaseEqualsASCII(parameters.name(), "stale")) |
| - continue; |
| - if (LowerCaseEqualsASCII(parameters.value(), "true")) |
| - return HttpAuth::AUTHORIZATION_RESULT_STALE; |
| + if (LowerCaseEqualsASCII(parameters.name(), "stale")) { |
| + if (LowerCaseEqualsASCII(parameters.value(), "true")) |
| + return HttpAuth::AUTHORIZATION_RESULT_STALE; |
| + } else if (LowerCaseEqualsASCII(parameters.name(), "realm")) |
|
cbentzel
2011/02/16 20:51:39
Nit: retain the braces in if/else
asanka
2011/02/16 22:39:19
Done.
|
| + realm = parameters.value(); |
| } |
| - |
| - return HttpAuth::AUTHORIZATION_RESULT_REJECT; |
| + return (realm_ != realm)? |
|
cbentzel
2011/02/16 20:51:39
Nit: There's usually a space between the two. I
cbentzel
2011/02/16 20:51:39
You should add a test case for this in HttpAuthHan
asanka
2011/02/16 22:39:19
Done. I wonder if there's value in moving these c
|
| + HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM: |
| + HttpAuth::AUTHORIZATION_RESULT_REJECT; |
| } |
| bool HttpAuthHandlerDigest::Init(HttpAuth::ChallengeTokenizer* challenge) { |
