Authorization: header not detected if more than one blank after colon

Jens · **on:** March 01, 2009, 04:27:07 PM

Although hfs might work with most browsers, authentication won't work when behind a MS ISA 2004 firewall. The cause: Firewall proxy rewrites headers so that there is more than one blank between colon and value.

function ThttpConn.getHeader in hslib.pas should be able to strip more than one blank after the header name.

if compareText(chop(':',l), h) = 0 then
begin
if (l>'') and (l[1]=' ') then delete(l,1,1);
result:=l;
exit;
end;

better use something like this:

while (l>'') and (l[1]=' ') do begin delete(l,1,1); end;

rejetto · **Reply #1 on:** March 01, 2009, 06:35:07 PM

thank you Jens, for reporting and solving.
in the end i opted for a simpler trim().
the fix will be available in next 2.3 beta

what version are you using?

Authorization: header not detected if more than one blank after colon

Jens

Authorization: header not detected if more than one blank after colon

rejetto

Re: Authorization: header not detected if more than one blank after colon