Closed Robertof closed 10 years ago
Ugh. Too much ruby programming. I will fix and redeploy to CPAN tonight.
Thank you!
Though now that I think about it, one can set secrets
to any value, so just dereferencing an array is not foolproof...
Yes, but everywhere in the documentation the secrets are treated as arrays (though it does not explicitly say that only arrays are allowed). Maybe some magic with ref()
will fix the issue, like ref $app->secrets eq 'ARRAY' ? $app->secrets->[0] : 'dummy'
. Or we can simply tell the user to use an array otherwise nothing will work.
New version is here: https://metacpan.org/release/SHAW/Mojolicious-Plugin-DigestAuth-0.08
Thanks a lot for the fast and "proper" fix. Keep up the good work and good night!
I was having problems with Firefox and this plugin after restarting the webserver hosting Mojolicious.
After some investigating, I found that after the webserver has been restarted a different
opaque
value is generated. This shouldn't happen, because the browsers cache theopaque
value too (with the otherAuthentication
parameters), and when they send the old one the plugin will return aBad request
.With https://github.com/sshaw/Mojolicious-Plugin-DigestAuth/commit/87fc55d6f2582782838ef9b36ef5194d6a81b1af the support to the
secrets
method has been added. However, probably you have forgotten the dereferencing operator, because the method returns an array reference (and you try with[]
too!). This fixes it, and consequently it fixes theopaque
problems with the browsers.Thank you for your great plugin, by the way.