bug #17478 [HttpFoundation] Do not overwrite the Authorization header if it is already set (jakzal)
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes #17478).
Discussion
----------
[HttpFoundation] Do not overwrite the Authorization header if it is already set
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17345
| License | MIT
| Doc PR | -
Commits
-------
53ebfda
[HttpFoundation] Do not overwrite the Authorization header if it is already set
This commit is contained in:
commit
9a90cde4ed
@ -86,6 +86,10 @@ class ServerBag extends ParameterBag
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (isset($headers['AUTHORIZATION'])) {
|
||||||
|
return $headers;
|
||||||
|
}
|
||||||
|
|
||||||
// PHP_AUTH_USER/PHP_AUTH_PW
|
// PHP_AUTH_USER/PHP_AUTH_PW
|
||||||
if (isset($headers['PHP_AUTH_USER'])) {
|
if (isset($headers['PHP_AUTH_USER'])) {
|
||||||
$headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']);
|
$headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']);
|
||||||
|
@ -151,4 +151,19 @@ class ServerBagTest extends \PHPUnit_Framework_TestCase
|
|||||||
'AUTHORIZATION' => $headerContent,
|
'AUTHORIZATION' => $headerContent,
|
||||||
), $bag->getHeaders());
|
), $bag->getHeaders());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see https://github.com/symfony/symfony/issues/17345
|
||||||
|
*/
|
||||||
|
public function testItDoesNotOverwriteTheAuthorizationHeaderIfItIsAlreadySet()
|
||||||
|
{
|
||||||
|
$headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
|
||||||
|
$bag = new ServerBag(array('PHP_AUTH_USER' => 'foo', 'HTTP_AUTHORIZATION' => $headerContent));
|
||||||
|
|
||||||
|
$this->assertEquals(array(
|
||||||
|
'AUTHORIZATION' => $headerContent,
|
||||||
|
'PHP_AUTH_USER' => 'foo',
|
||||||
|
'PHP_AUTH_PW' => '',
|
||||||
|
), $bag->getHeaders());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user