Skip to content

Commit 4987fd1

Browse files
fabpotfabpot
committed
bug #44759 [HttpFoundation] Fix notice when HTTP_PHP_AUTH_USER passed without pass (Vitali Tsyrkin)
This PR was merged into the 4.4 branch. Discussion ---------- [HttpFoundation] Fix notice when HTTP_PHP_AUTH_USER passed without pass | Q | A | ------------- | --- | Branch? | 4.4 | Bug fix? | yes | New feature? | No | Deprecations? | No | License | MIT There is a way to pass HTTP_XXX vars. If someone will pass HTTP_PHP_AUTH_USER var without HTTP_PHP_AUTH_PW notice will appear since there is no second isset check against $headers, there is isset only for $this->params Commits ------- a9c9912 [HttpFoundation] Fix notice when HTTP_PHP_AUTH_USER passed without pass
2 parents 6d67f8c + a9c9912 commit 4987fd1

File tree

2 files changed

+11
-1
lines changed

2 files changed

+11
-1
lines changed

src/Symfony/Component/HttpFoundation/ServerBag.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,7 @@ public function getHeaders()
8989

9090
// PHP_AUTH_USER/PHP_AUTH_PW
9191
if (isset($headers['PHP_AUTH_USER'])) {
92-
$headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']);
92+
$headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.($headers['PHP_AUTH_PW'] ?? ''));
9393
} elseif (isset($headers['PHP_AUTH_DIGEST'])) {
9494
$headers['AUTHORIZATION'] = $headers['PHP_AUTH_DIGEST'];
9595
}

src/Symfony/Component/HttpFoundation/Tests/ServerBagTest.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,16 @@ public function testHttpPasswordIsOptional()
5757
], $bag->getHeaders());
5858
}
5959

60+
public function testHttpPasswordIsOptionalWhenPassedWithHttpPrefix()
61+
{
62+
$bag = new ServerBag(['HTTP_PHP_AUTH_USER' => 'foo']);
63+
64+
$this->assertEquals([
65+
'AUTHORIZATION' => 'Basic '.base64_encode('foo:'),
66+
'PHP_AUTH_USER' => 'foo',
67+
], $bag->getHeaders());
68+
}
69+
6070
public function testHttpBasicAuthWithPhpCgi()
6171
{
6272
$bag = new ServerBag(['HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:bar')]);

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy