OpenStack Object Storage (swift)

  1. Bug #1327414
  2. Comment #32

Comment 32 for bug 1327414

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to swift (master)

Reviewed: https://review.openstack.org/101031
Committed: https://git.openstack.org/cgit/openstack/swift/commit/?id=e00da6cabc10b28b55cd1f0d128751f33437fa9e
Submitter: Jenkins
Branch: master

commit e00da6cabc10b28b55cd1f0d128751f33437fa9e
Author: John Dickinson <email address hidden>
Date: Fri Jun 6 11:46:41 2014 -0700

    properly quote www-authenticate header value

    HTTP header values should be quoted. Since the WWW-Authenticate
    header value contains user-supplied strings, it's important to
    ensure it's properly quoted to ensure the integrity of the protocol.

    Previous to this patch, the URL was unquoted and then the unquoted
    value was returned in the header. This patch re-quotes the value
    when it is set on the response.

    This is filed as CVS-2014-3497

    Fixes bug 1327414

    Change-Id: If8bd8842f2ce821756e9b4461a18a8ac8d42fb8c