diff options
| author | Wladimir J. van der Laan <laanwj@gmail.com> | 2016-02-09 08:43:48 +0100 |
|---|---|---|
| committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2016-02-09 08:52:02 +0100 |
| commit | 3db828f9516549f4b18f670b277d3a0301a5db8e (patch) | |
| tree | 1cd63154d5b98b993ec0590924718babe03963c9 /src | |
| parent | 326f010332a68b5b8bbf2ae9c1413d580b1bb9be (diff) | |
| parent | 7c06fbd8f58058d77c3e9da841811201d2e45e92 (diff) | |
Merge #7472: rpc: Add WWW-Authenticate header to 401 response
7c06fbd rpc: Add WWW-Authenticate header to 401 response (Wladimir J. van der Laan)
Diffstat (limited to 'src')
| -rw-r--r-- | src/httprpc.cpp | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/httprpc.cpp b/src/httprpc.cpp index 432a5c0792..a447a3eff8 100644 --- a/src/httprpc.cpp +++ b/src/httprpc.cpp @@ -21,6 +21,9 @@ #include <boost/algorithm/string.hpp> // boost::trim #include <boost/foreach.hpp> //BOOST_FOREACH +/** WWW-Authenticate to present with 401 Unauthorized response */ +static const char* WWW_AUTH_HEADER_DATA = "Basic realm=\"jsonrpc\""; + /** Simple one-shot callback timer to be used by the RPC mechanism to e.g. * re-lock the wellet. */ @@ -151,6 +154,7 @@ static bool HTTPReq_JSONRPC(HTTPRequest* req, const std::string &) // Check authorization std::pair<bool, std::string> authHeader = req->GetHeader("authorization"); if (!authHeader.first) { + req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA); req->WriteReply(HTTP_UNAUTHORIZED); return false; } @@ -163,6 +167,7 @@ static bool HTTPReq_JSONRPC(HTTPRequest* req, const std::string &) shouldn't have their RPC port exposed. */ MilliSleep(250); + req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA); req->WriteReply(HTTP_UNAUTHORIZED); return false; } |