Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 4987fd1

Browse files
fabpotfabpot
committed
bug #44759 [HttpFoundation] Fix notice when HTTP_PHP_AUTH_USER passed without pass (Vitali Tsyrkin)
This PR was merged into the 4.4 branch. Discussion ---------- [HttpFoundation] Fix notice when HTTP_PHP_AUTH_USER passed without pass | Q | A | ------------- | --- | Branch? | 4.4 | Bug fix? | yes | New feature? | No | Deprecations? | No | License | MIT There is a way to pass HTTP_XXX vars. If someone will pass HTTP_PHP_AUTH_USER var without HTTP_PHP_AUTH_PW notice will appear since there is no second isset check against $headers, there is isset only for $this->params Commits ------- a9c9912 [HttpFoundation] Fix notice when HTTP_PHP_AUTH_USER passed without pass
2 parents 6d67f8c + a9c9912 commit 4987fd1

2 files changed

Lines changed: 11 additions & 1 deletion

File tree

src/Symfony/Component/HttpFoundation/ServerBag.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,7 @@ public function getHeaders()
8989

9090
// PHP_AUTH_USER/PHP_AUTH_PW
9191
if (isset($headers['PHP_AUTH_USER'])) {
92-
$headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']);
92+
$headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.($headers['PHP_AUTH_PW'] ?? ''));
9393
} elseif (isset($headers['PHP_AUTH_DIGEST'])) {
9494
$headers['AUTHORIZATION'] = $headers['PHP_AUTH_DIGEST'];
9595
}

src/Symfony/Component/HttpFoundation/Tests/ServerBagTest.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,16 @@ public function testHttpPasswordIsOptional()
5757
], $bag->getHeaders());
5858
}
5959

60+
public function testHttpPasswordIsOptionalWhenPassedWithHttpPrefix()
61+
{
62+
$bag = new ServerBag(['HTTP_PHP_AUTH_USER' => 'foo']);
63+
64+
$this->assertEquals([
65+
'AUTHORIZATION' => 'Basic '.base64_encode('foo:'),
66+
'PHP_AUTH_USER' => 'foo',
67+
], $bag->getHeaders());
68+
}
69+
6070
public function testHttpBasicAuthWithPhpCgi()
6171
{
6272
$bag = new ServerBag(['HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:bar')]);

0 commit comments

Comments
 (0)