sshaw
commented
10 years ago Ugh. Too much ruby programming. I will fix and redeploy to CPAN tonight.
Closed Robertof closed 10 years ago
sshaw
commented
10 years ago Ugh. Too much ruby programming. I will fix and redeploy to CPAN tonight.
Robertof
commented
10 years ago Thank you!
sshaw
commented
10 years ago Though now that I think about it, one can set secrets to any value, so just dereferencing an array is not foolproof...
Robertof
commented
10 years ago Yes, but everywhere in the documentation the secrets are treated as arrays (though it does not explicitly say that only arrays are allowed). Maybe some magic with ref() will fix the issue, like ref $app->secrets eq 'ARRAY' ? $app->secrets->[0] : 'dummy'. Or we can simply tell the user to use an array otherwise nothing will work.
sshaw
commented
10 years ago New version is here: https://metacpan.org/release/SHAW/Mojolicious-Plugin-DigestAuth-0.08
Robertof
commented
10 years ago Thanks a lot for the fast and "proper" fix. Keep up the good work and good night!
I was having problems with Firefox and this plugin after restarting the webserver hosting Mojolicious.
After some investigating, I found that after the webserver has been restarted a different
opaquevalue is generated. This shouldn't happen, because the browsers cache theopaquevalue too (with the otherAuthenticationparameters), and when they send the old one the plugin will return aBad request.With https://github.com/sshaw/Mojolicious-Plugin-DigestAuth/commit/87fc55d6f2582782838ef9b36ef5194d6a81b1af the support to the
secretsmethod has been added. However, probably you have forgotten the dereferencing operator, because the method returns an array reference (and you try with[]too!). This fixes it, and consequently it fixes theopaqueproblems with the browsers.Thank you for your great plugin, by the way.