[QP] IE7 and digest auth patch

IE7 and digest auth patch
2007-09-26
IE7 and digest auth patch
David K. Hess
2007-09-26
In qp-2.0, auth using digest is failing when using IE7. IE7
(apparently unlike other browsers) has no whitespace between name/
value pairs of the HTTP_AUTHORIZATION header which makes it
unparseable by DurusPublisher.ensure_signed_in_using_digest. The
following is a patch that corrects for it (and hopefully doesn't
break anything else...).

--- /usr/local/lib/python2.5/site-packages/qp/pub/publish.py
2007-09-25 11:12:24.000000000 -0400
+++ pub/publish.py      2007-09-25 11:16:44.000000000 -0400
@@ -704,6 +704,8 @@
              def attempt_digest_authentication():
                  authorization = get_request().get_header(
                      'HTTP_AUTHORIZATION', '').split()
+                if len(authorization) < 5 and len(authorization) > 0:
+                    authorization[-1:] = authorization[-1].split(',')
                  if len(authorization) < 5:
                      return
                  if authorization[0].lower() != 'digest':

Dave

------
David K. Hess
Cell 214.684.5448 | Fax 214.764.7183
dhess@fishsoftware.com



This email message is for the sole use of the intended recipient(s) and may
contain confidential and privileged information.
Any unauthorized review, use, disclosure or distribution is prohibited. If you
are not the intended recipient, please contact the sender by reply email and
delete and destroy all copies of the original message.