Authorization header not being set correctly
Bug #1337493 reported by
dobey
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Pay Service |
Fix Released
|
Critical
|
dobey | ||
pay-service (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
To do the signing of the request in the verification back-end, the following code is used:
/* Sign the request */
auto auth = token->signUrl(url, "GET");
if (!auth.empty())
{
header += auth;
}
This is incorrect and simply appending the signature as a header, without the required header name.
Related branches
lp:~dobey/pay-service/fix-auth-header
- Alejandro J. Cura (community): Approve
- PS Jenkins bot (community): Approve (continuous-integration)
-
Diff: 13 lines (+2/-1)1 file modifiedservice/verification-curl.cpp (+2/-1)
Changed in pay-service: | |
assignee: | Rodney Dawes (dobey) → nobody |
status: | In Progress → Confirmed |
Changed in pay-service: | |
status: | Confirmed → In Progress |
assignee: | nobody → Rodney Dawes (dobey) |
Changed in pay-service: | |
status: | In Progress → Fix Released |
To post a comment you must log in.
This bug was fixed in the package pay-service - 0.1+14. 10.20140710- 0ubuntu1
--------------- 10.20140710- 0ubuntu1) utopic; urgency=low
pay-service (0.1+14.
[ Ted Gould ]
* Correct error message copy
* Bootstrap documentation for libpay
[ Rodney Dawes ]
* Drop the extra include of FindPkgConfig as it is not needed. (LP:
#1337332)
* Append a / to the URL path to avoid a redirect from the server. (LP:
#1340350)
* Append the correct thing to the headers list. (LP: #1337493)
-- Ubuntu daily release <email address hidden> Thu, 10 Jul 2014 21:11:23 +0000