nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-01-27 00:33:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Lowercase string when comparing HTTP header for debug output

Browse Source 
HTTP/2 requests to Davical with debug mode result in logged
Authorization header as the comparison is currently case sensitive

https://datatracker.ietf.org/doc/rfc9113/
> 8.2.  HTTP Fields
> Field names MUST be converted to lowercase when constructing an HTTP/2
message.
This commit is contained in:
Jaydn 2024-09-03 10:44:32 +09:30
parent 4d06333f7e
commit a2a9a57fdd
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/caldav.php
View File

@ -28,7 +28,7 @@ function logRequestHeaders() {
dbg_error_log( "LOG ", "***************** Request Header ****************" );
dbg_error_log( "LOG ", "%s %s", $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'] );
foreach( $lines AS $k => $v ) {
if ( $k != 'Authorization' || (isset($c->dbg['password']) && $c->dbg['password'] ) )
if ( strtolower($k) != 'authorization' || (isset($c->dbg['password']) && $c->dbg['password'] ) )
dbg_error_log( "LOG headers", "-->%s: %s", $k, $v );
else
dbg_error_log( "LOG headers", "-->%s: %s", $k, 'Delicious tasty password eaten by debugging monster!' );