|
From: | Stefan Monnier |
Subject: | bug#21350: 25.0.50; Do not automatically include authorization header in HTTP redirects |
Date: | Sat, 29 Aug 2015 11:21:35 -0400 |
User-agent: | Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux) |
> This patch is required for url-http-ntlm.el to handle redirects. I'd > like someone more familiar with url-http.el to review it. I'm not sure if there is such a someone, to tell you the truth. I can give you comments about Elisp style: + ;; Don't automatically include authorization header in redirect. + ;; If needed it will be regenerated by the relevant auth scheme + ;; when the new request happens. + (setq url-http-extra-headers + (let (result) + (dolist (header url-http-extra-headers) + (if (not (equal (car header) "Authorization")) + (push header result))) + (nreverse result))) IIUC this is like: (let ((a (assoc "Authorization" url-http-extra-headers))) (if a (setq url-http-extra-headers (delq a url-http-extra-headers)))) Tho maybe it should be `remq' rather than `delq'. Stefan
[Prev in Thread] | Current Thread | [Next in Thread] |