[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#27022: url-retrieve + .authinfo bug
From: |
Lars Ingebrigtsen |
Subject: |
bug#27022: url-retrieve + .authinfo bug |
Date: |
Fri, 26 Jul 2019 10:46:40 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) |
Andy Wingo <wingo@pobox.com> writes:
> If you try to do a url-retrieve over HTTP on a URL that requires HTTP
> basic authentication, and you have an .authinfo file, and that .authinfo
> contains an incorrect login, then Emacs will keep appending the same
> Authorization: header to the request -- over and over, making the
> request larger and larger, with no stop condition. Eventually nginx
> produces a "400 Bad Request" error because there were too many headers.
>
> Emacs should instead error after the first attempt at authentication
> fails.
I'm able to reproduce this with this in my .authinfo file:
machine jigsaw.w3.org:443 login guest password wrong
and then:
(url-retrieve "https://jigsaw.w3.org/HTTP/Basic/" #'ignore)
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
- bug#27022: url-retrieve + .authinfo bug,
Lars Ingebrigtsen <=