dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make the test for the Auth header name case-insensitive

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@204 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
rogan.dawes 2007-07-25 12:55:18 +00:00
parent 043c0e5926
commit add34a24dc
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BasicAuthentication.java
View File

@ -100,7 +100,7 @@ public class BasicAuthentication extends SequentialLessonAdapter
//<START_OMIT_SOURCE> //<START_OMIT_SOURCE>
// FIXME: This won;t work for CBT, we need to use the UserTracker // FIXME: This won;t work for CBT, we need to use the UserTracker
//Authorization: Basic Z3Vlc3Q6Z3Vlc3Q= //Authorization: Basic Z3Vlc3Q6Z3Vlc3Q=
if (headerName.equals(AUTHORIZATION) if (headerName.equalsIgnoreCase(AUTHORIZATION)
&& (headerValue.equals("guest:guest") || headerValue && (headerValue.equals("guest:guest") || headerValue
.equals("webgoat:webgoat"))) .equals("webgoat:webgoat")))
{ {