Welcome! Log In Create A New Profile


Observed inconsistency in HTTP headers (headers_in.user)

Anthony Ryan
May 21, 2011 04:28PM
I recently began development of a HTTP Auth module to make use of an
existing user authentication backend my company uses, and encountered
something I believe to be a bug in Nginx.

Observation was that given ngx_http_request_t *r and an auth of
"username" & "password" (respectively).

r->headers_in.user.data was equal to "username:password"
r->headers_in.user.len was equal to 8 for username

I believe that this is a bug and that user.data was intended to be
truncated to the "username" alone.

The tested version is 1.0.0
The development environment was Ubuntu 11.04
Configured from source with the following options

../configure \
--sbin-path=/usr/local/sbin/ \
--conf-path=/usr/local/etc/nginx/nginx.conf \
--with-pcre \
--with-http_ssl_module \
--with-http_gzip_static_module \
--without-http_charset_module \
--without-http_ssi_module \
--without-http_userid_module \
--without-http_autoindex_module \
--without-http_geo_module \
--without-http_map_module \
--without-http_referer_module \
--without-http_proxy_module \
--without-http_memcached_module \
--without-http_limit_zone_module \
--without-http_limit_req_module \
--without-http_empty_gif_module \
--without-http_browser_module \
--without-http_upstream_ip_hash_module \

If I did not provide enough relevant information or I am in some way
mistaken of the nature of this my apologies, this is only my second
day working in C.

Anthony Ryan

nginx-devel mailing list
Subject Author Views Posted

Observed inconsistency in HTTP headers (headers_in.user)

Anthony Ryan 1945 May 21, 2011 04:28PM

Re: Observed inconsistency in HTTP headers (headers_in.user)

Igor Sysoev 886 May 22, 2011 01:30AM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 89
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready