1
0
Fork 0

Tweak so that we allow authentication for domains we redirect to, refs #6717

pull/6847/merge
Jordi Boggiano 2017-11-29 15:56:45 +01:00
parent 128e424c90
commit 743153e862
1 changed files with 2 additions and 13 deletions

View File

@ -247,17 +247,6 @@ class RemoteFilesystem
unset($tempAdditionalOptions);
$userlandFollow = isset($options['http']['follow_location']) && !$options['http']['follow_location'];
if ($isRedirect && $this->io->hasAuthentication($this->originUrl)) {
// Redirecting away from originUrl domain? Then remove the auth headers.
$redirectHost = parse_url($this->fileUrl, PHP_URL_HOST);
if ($this->originUrl != $redirectHost && stripos($redirectHost, '.' . $this->originUrl) === false) {
// Strip off authentication
$options['http']['header'] = array_filter($options['http']['header'], function($value){
return stripos($value, 'Authorization') !== 0;
});
}
}
$origFileUrl = $fileUrl;
if (isset($options['github-token'])) {
@ -775,7 +764,7 @@ class RemoteFilesystem
$authStr = base64_encode($auth['username'] . ':' . $auth['password']);
$headers[] = 'Authorization: Basic '.$authStr;
}
$userlandFollow = true; // always perform userland follow (to be able to change headers when redirected)
$userlandFollow = true; // always perform userland follow (to be able to change Authorization headers when redirected)
}
if (isset($userlandFollow)) {
@ -822,7 +811,7 @@ class RemoteFilesystem
$additionalOptions['redirects'] = $this->redirects;
return $this->get($this->originUrl, $targetUrl, $additionalOptions, $this->fileName, $this->progress);
return $this->get(parse_url($targetUrl, PHP_URL_HOST), $targetUrl, $additionalOptions, $this->fileName, $this->progress);
}
if (!$this->retry) {