owncast

mirror of https://github.com/owncast/owncast.git synced 2024-10-24 05:25:58 +03:00

History

Alyssa Ross 092134f3f3 Fix parsing of Authorization Bearer header (#3376 ) The semantics of the Authorization header are defined by RFC 9110, which says: > It uses a case-insensitive token to identify the authentication scheme: Therefore, "bearer", "Bearer", and "bEARER" are equivalent. This patch fixes the parsing of the Authorization header to check for the Bearer authentication scheme case insensitively. I've modified one of the test cases to use lowercase "bearer", so there's test coverage for this.		2023-10-21 10:00:50 -07:00
..
activityPub.go	Check multiple Accept headers for content-type (#1935 )	2022-05-27 10:19:14 -07:00
auth.go	Fix parsing of Authorization Bearer header (#3376 )	2023-10-21 10:00:50 -07:00
caching.go	Use bundled images instead of old webroot files	2022-06-20 22:10:55 -07:00
cors.go	do not pass http.ResponseWriter as pointer to EnableCors (#1440 )	2021-10-01 12:40:13 -07:00
headers.go	Support CSP nonce for webv2. Closes #2127	2022-12-12 17:04:00 -08:00
pagination.go	Handle pagination for the federated actions & followers responses (#1731 )	2022-03-06 17:18:51 -08:00