[hunchentoot-devel] Bug Report: AUTHORIZATION
Michael J. Forster
mike at sharedlogic.ca
Sun Oct 22 16:48:47 UTC 2006
Hi Edi,
I found a bug in AUTHORIZATION.
If I click the "Authorization" link on the Hunchentoot test page and
submit an empty username and password, instead of prompting me
again, the server returns `Internal Server Error'.
In this case, the call to SPLIT returns nil, which does not match the
DESTRUCTURING-BIND lambda list. My first reaction was simply
to rewrite the DESTRUCTURING-BIND to permit a nil username as
well as password:
(destructuring-bind (&optional user password)
(split ":" (base64:base64-string-to-string
(subseq authorization start)))
(values user password))
Then, we would get (VALUES NIL NIL), which would seem consistent
with the documentation. However, I also realised that AUTHORIZATION
will return just nil if the auth header doesn't exist. Should that be
documented?
Here's my environment:
* Hunchentoot 0.4.4 (no Apache, no mod_lisp)
* latest versions (as of today) of dependencies
* LispWorks 4.4.6
* OS X 10.4.8
* Safari 2.0.4
* Firefox 1.5.0.7
Regards,
Mike
P.S. Started migrating our apps from Portable AllegroServe to
Hunchentoot this past week. Very pleased with the API and performance.
Thanks!
--
Michael J. Forster <mike at sharedlogic.ca>
More information about the Tbnl-devel
mailing list