diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2023-08-17 10:46:12 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2023-08-17 10:46:12 +0000 |
commit | 51dfb248933e5fac12fee1be8471bb08f9554428 (patch) | |
tree | 1d25518313ca94af4257e56ef919605a219a4178 /web/api/web_api_v2.c | |
parent | Adding upstream version 1.42.0. (diff) | |
download | netdata-51dfb248933e5fac12fee1be8471bb08f9554428.tar.xz netdata-51dfb248933e5fac12fee1be8471bb08f9554428.zip |
Adding upstream version 1.42.1.upstream/1.42.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'web/api/web_api_v2.c')
-rw-r--r-- | web/api/web_api_v2.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/web/api/web_api_v2.c b/web/api/web_api_v2.c index 850282121..e288a5c6b 100644 --- a/web/api/web_api_v2.c +++ b/web/api/web_api_v2.c @@ -53,16 +53,27 @@ static time_t bearer_get_token(uuid_t *uuid) { } #define HTTP_REQUEST_AUTHORIZATION_BEARER "\r\nAuthorization: Bearer " +#define HTTP_REQUEST_X_NETDATA_AUTH_BEARER "\r\nX-Netdata-Auth: Bearer " BEARER_STATUS extract_bearer_token_from_request(struct web_client *w, char *dst, size_t dst_len) { const char *req = buffer_tostring(w->response.data); size_t req_len = buffer_strlen(w->response.data); - const char *bearer = strcasestr(req, HTTP_REQUEST_AUTHORIZATION_BEARER); + const char *bearer = NULL; + const char *bearer_end = NULL; + + bearer = strcasestr(req, HTTP_REQUEST_X_NETDATA_AUTH_BEARER); + if(bearer) + bearer_end = bearer + sizeof(HTTP_REQUEST_X_NETDATA_AUTH_BEARER) - 1; + else { + bearer = strcasestr(req, HTTP_REQUEST_AUTHORIZATION_BEARER); + if(bearer) + bearer_end = bearer + sizeof(HTTP_REQUEST_AUTHORIZATION_BEARER) - 1; + } - if(!bearer) + if(!bearer || !bearer_end) return BEARER_STATUS_NO_BEARER_IN_HEADERS; - const char *token_start = bearer + sizeof(HTTP_REQUEST_AUTHORIZATION_BEARER) - 1; + const char *token_start = bearer_end; while(isspace(*token_start)) token_start++; |