Skip Menu |

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the Dancer-Plugin-Auth-Htpasswd CPAN distribution.

Report information
The Basics
Id: 93837
Status: open
Priority: 0/
Queue: Dancer-Plugin-Auth-Htpasswd
People
Owner: Nobody in particular
Requestors: vma [...] randomcrap.de
Cc:
AdminCc:
Bug Information
Severity: Important
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Thu Mar 13 16:30:39 2014 vma [...] randomcrap.de - Ticket created
Subject: Bugreport:
Date: Thu, 13 Mar 2014 21:30:27 +0100
To: "bug-dancer-plugin-auth-htpasswd rt.cpan.org" <bug-dancer-plugin-auth-htpasswd [...] rt.cpan.org>
From: Viktor Malachinski <vma [...] randomcrap.de>
Hello, i think there is a bug lying within your Dancer::Plugin::Auth::Htpasswd module. When the login request pops up in the browser and you press 'OK' without entering anything the plugin will let you enter the restricted area. I tested that with different browsers, same effect. adding a line like if (defined $user && defined $password && $user ne '' && $password ne '') { above my $htpasswd = Authen::Htpasswd->new($passwd_file); fixed the problem for me. Not sure if this is a feature or bug of Authen::Htpasswd, but it returns a positive result for empty/undef user & pw Best regards Viktor Malachinski --
  Sat Mar 15 04:59:25 2014 ether [...] cpan.org - Severity Important added
  Sat Apr 12 14:12:51 2014 ODYNIEC [...] cpan.org - Correspondence added
On Thu Mar 13 16:30:39 2014, vma@randomcrap.de wrote: Show quoted text
> Hello, > i think there is a bug lying within your > Dancer::Plugin::Auth::Htpasswd module. > > When the login request pops up in the browser and you press 'OK' > without entering anything the plugin will let you enter the restricted > area. I tested that with different browsers, same effect. > > adding a line like > > if (defined $user && defined $password && $user ne '' && $password ne > '') { > > above > > my $htpasswd = Authen::Htpasswd->new($passwd_file); > > fixed the problem for me. > Not sure if this is a feature or bug of Authen::Htpasswd, but it > returns a positive result for empty/undef user & pw
I haven't been able to reproduce the problem so far. How was your Dancer app configured to use the htpasswd file? Which browsers did you use to test it?
  Sat Apr 12 14:12:51 2014 The RT System itself - Status changed from 'new' to 'open'