[99s-extend] HTTP Basic Auth base64 decode fails

Loïc Hoguin essen at ninenines.eu
Tue Jul 8 15:21:28 CEST 2014

Previous message: [99s-extend] HTTP Basic Auth base64 decode fails
Next message: [99s-extend] HTTP Basic Auth base64 decode fails
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Parsing of any header may crash. Some may also return an error tuple, 
though that behavior slowly changes and it will always crash in 2.0. So 
just wrap the call around a try/catch if you need to handle the error.

Note that at this exact moment I'm working on returning 400 instead of 
500 automatically when parsing headers end up crashing (and possibly 
other situations later on).

On 07/08/2014 03:17 PM, Paulo F. Oliveira wrote:
> Hello, y'all.
>
> I'm using HTTP Basic Auth in my API. While calling
> cowboy_req:parse_header(<<"authorization>>", ... with an _invalid_
> Authorization header such as "Authorization: Basic Test1" I get an error
> 500 back and an error log message on the server.
>
> 1. Is this the expected behavior? [if I understand correctly, my request
> is going through authorization(UserPass, Type = <<"basic">>) and this
> has no check for the string being correctly encoded]
>
> 2. what would be the best way to guard against this "error"?
>
> Thanks.
>
> - Paulo F. Oliveira
>
>
> _______________________________________________
> Extend mailing list
> Extend at lists.ninenines.eu
> https://lists.ninenines.eu/listinfo/extend
>

-- 
Loïc Hoguin
http://ninenines.eu

Previous message: [99s-extend] HTTP Basic Auth base64 decode fails
Next message: [99s-extend] HTTP Basic Auth base64 decode fails
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Extend mailing list