Bug 778497 – HTTP authentication with flag SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE success if a previous one stored the credentials

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 778497 - HTTP authentication with flag SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE success if a previous one stored the credentials


Summary:	HTTP authentication with flag SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE success if a...


Status:	RESOLVED FIXED

Product:	libsoup
Classification:	Core
Component:	HTTP Transport
Version:	2.57.x
Hardware:	Other Linux

Importance:	Normal normal
Target Milestone:	---
Assigned To:	libsoup-maint@gnome.bugs
QA Contact:	libsoup-maint@gnome.bugs

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2017-02-11 16:43 UTC by Carlos Garcia Campos
Modified:	2017-02-22 08:21 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
auth: do not use cached credentials in lookup method when flag SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE is present (4.21 KB, patch) 2017-02-11 16:50 UTC, Carlos Garcia Campos	committed	Details \| Review

Description Carlos Garcia Campos 2017-02-11 16:43:26 UTC

This is because in got-body lookup_auth will return the previously stored auth, if the message doesn't have an auth or it's not ready. When using SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE we should only check the message auth in lookup methods.

Comment 1 Carlos Garcia Campos 2017-02-11 16:50:24 UTC

Created attachment 345529 [details] [review]
auth: do not use cached credentials in lookup method when flag SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE is present