Mercurial > hg > orthanc
comparison Core/HttpServer/MongooseServer.cpp @ 1213:787059de6b9a
fix
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Tue, 04 Nov 2014 14:39:13 +0100 |
parents | 476a17cfdf42 |
children | 6e7e5ed91c2d |
comparison
equal
deleted
inserted
replaced
1212:79f868a7f972 | 1213:787059de6b9a |
---|---|
416 | 416 |
417 HttpHandler::Arguments::const_iterator auth = headers.find("authorization"); | 417 HttpHandler::Arguments::const_iterator auth = headers.find("authorization"); |
418 if (auth != headers.end()) | 418 if (auth != headers.end()) |
419 { | 419 { |
420 std::string s = auth->second; | 420 std::string s = auth->second; |
421 if (s.substr(0, 6) == "Basic ") | 421 if (s.size() > 6 && |
422 s.substr(0, 6) == "Basic ") | |
422 { | 423 { |
423 std::string b64 = s.substr(6); | 424 std::string b64 = s.substr(6); |
424 granted = that.IsValidBasicHttpAuthentication(b64); | 425 granted = that.IsValidBasicHttpAuthentication(b64); |
425 } | 426 } |
426 } | 427 } |
437 { | 438 { |
438 return ""; | 439 return ""; |
439 } | 440 } |
440 | 441 |
441 std::string s = auth->second; | 442 std::string s = auth->second; |
442 if (s.substr(0, 6) != "Basic ") | 443 if (s.size() <= 6 || |
444 s.substr(0, 6) != "Basic ") | |
443 { | 445 { |
444 return ""; | 446 return ""; |
445 } | 447 } |
446 | 448 |
447 std::string b64 = s.substr(6); | 449 std::string b64 = s.substr(6); |