diff options
| -rw-r--r-- | net/http/http_auth.cc | 6 | ||||
| -rw-r--r-- | net/http/http_auth_unittest.cc | 7 |
2 files changed, 12 insertions, 1 deletions
diff --git a/net/http/http_auth.cc b/net/http/http_auth.cc index d65fb4e..ce3e110 100644 --- a/net/http/http_auth.cc +++ b/net/http/http_auth.cc @@ -55,8 +55,12 @@ void HttpAuth::CreateAuthHandler(const std::string& challenge, scoped_refptr<HttpAuthHandler>* handler) { // Find the right auth handler for the challenge's scheme. ChallengeTokenizer props(challenge.begin(), challenge.end()); - scoped_refptr<HttpAuthHandler> tmp_handler; + if (!props.valid()) { + *handler = NULL; + return; + } + scoped_refptr<HttpAuthHandler> tmp_handler; if (LowerCaseEqualsASCII(props.scheme(), "basic")) { tmp_handler = new HttpAuthHandlerBasic(); } else if (LowerCaseEqualsASCII(props.scheme(), "digest")) { diff --git a/net/http/http_auth_unittest.cc b/net/http/http_auth_unittest.cc index 0599246..9bd750e 100644 --- a/net/http/http_auth_unittest.cc +++ b/net/http/http_auth_unittest.cc @@ -39,6 +39,13 @@ TEST(HttpAuthTest, ChooseBestChallenge) { // Pick Digset over Basic "DigestRealm", + }, + { + "Y: Digest realm=\"X\", nonce=\"aaaaaaaaaa\"\n" + "www-authenticate:\n", + + // Handle null header value. + "", } }; |