rejetto forum

Authorization: header not detected if more than one blank after colon

Guest · 2 · 1927

0 Members and 1 Guest are viewing this topic.

Jens

  • Guest
Although hfs might work with most browsers, authentication won't work when behind a MS ISA 2004 firewall. The cause: Firewall proxy rewrites headers so that there is more than one blank between colon and value.

function ThttpConn.getHeader in hslib.pas should be able to strip more than one blank after the header name.

  if compareText(chop(':',l), h) = 0 then
    begin
    if (l>'') and (l[1]=' ') then delete(l,1,1);
    result:=l;
    exit;
    end;

better use something like this:

  while (l>'') and (l[1]=' ') do begin delete(l,1,1); end;




Offline rejetto

  • Administrator
  • Tireless poster
  • *****
    • Posts: 13379
    • View Profile
thank you Jens, for reporting and solving.
in the end i opted for a simpler trim().
the fix will be available in next 2.3 beta

what version are you using?