Mercurial > hg > orthanc
comparison Core/HttpServer/MongooseServer.cpp @ 1213:787059de6b9a
fix
| author | Sebastien Jodogne <s.jodogne@gmail.com> |
|---|---|
| date | Tue, 04 Nov 2014 14:39:13 +0100 |
| parents | 476a17cfdf42 |
| children | 6e7e5ed91c2d |
comparison
equal
deleted
inserted
replaced
| 1212:79f868a7f972 | 1213:787059de6b9a |
|---|---|
| 416 | 416 |
| 417 HttpHandler::Arguments::const_iterator auth = headers.find("authorization"); | 417 HttpHandler::Arguments::const_iterator auth = headers.find("authorization"); |
| 418 if (auth != headers.end()) | 418 if (auth != headers.end()) |
| 419 { | 419 { |
| 420 std::string s = auth->second; | 420 std::string s = auth->second; |
| 421 if (s.substr(0, 6) == "Basic ") | 421 if (s.size() > 6 && |
| 422 s.substr(0, 6) == "Basic ") | |
| 422 { | 423 { |
| 423 std::string b64 = s.substr(6); | 424 std::string b64 = s.substr(6); |
| 424 granted = that.IsValidBasicHttpAuthentication(b64); | 425 granted = that.IsValidBasicHttpAuthentication(b64); |
| 425 } | 426 } |
| 426 } | 427 } |
| 437 { | 438 { |
| 438 return ""; | 439 return ""; |
| 439 } | 440 } |
| 440 | 441 |
| 441 std::string s = auth->second; | 442 std::string s = auth->second; |
| 442 if (s.substr(0, 6) != "Basic ") | 443 if (s.size() <= 6 || |
| 444 s.substr(0, 6) != "Basic ") | |
| 443 { | 445 { |
| 444 return ""; | 446 return ""; |
| 445 } | 447 } |
| 446 | 448 |
| 447 std::string b64 = s.substr(6); | 449 std::string b64 = s.substr(6); |