incubator-couchdb-user mailing list archives

From Marcello Nuccio <marcello.nuc...@gmail.com>
Subject Bug parsing Accept header?
Date Fri, 17 Jun 2011 12:28:14 GMT
Trying to debug why the configuration option `authentication_redirect`
stopped working in CouchDB-1.1, I have finally nailed it down to a
simple use-case.

You can reproduce it with the following commands (assuming you have
set up an admin user with name "admin" and password "pass"):

$ curl -X PUT 'http://admin:pass@localhost:5984/testauth'
{"ok":true}

$ cat security.json
{"admins":{"names":["boutique"],"roles":[]},"readers":{"names":[],"roles":["azienda"]}}

$ curl -X PUT 'http://admin:pass@localhost:5984/testauth/_security' -d @security.json -H 'Content-Type: application/json; charset=UTF-8'
{"ok":true}

$ curl -D- 'http://admin:pass@localhost:5984/testauth'
HTTP/1.1 200 OK
Server: CouchDB/1.1.0 (Erlang OTP/R14B03)
Date: Fri, 17 Jun 2011 11:56:32 GMT
Content-Type: text/plain;charset=utf-8
Content-Length: 215
Cache-Control: must-revalidate

{"db_name":"testauth","doc_count":0,"doc_del_count":0,"update_seq":1,"purge_seq":0,"compact_running":false,"disk_size":4171,"instance_start_time":"1308310604678421","disk_format_version":5,"committed_update_seq":1}

$ curl -D- 'http://localhost:5984/testauth'
HTTP/1.1 401 Unauthorized
Server: CouchDB/1.1.0 (Erlang OTP/R14B03)
Date: Fri, 17 Jun 2011 11:56:44 GMT
Content-Type: text/plain;charset=utf-8
Content-Length: 78
Cache-Control: must-revalidate

{"error":"unauthorized","reason":"You are not authorized to access this db."}

$ curl -D- 'http://localhost:5984/testauth' -H 'Accept: text/html,*/*;q=0.0'
HTTP/1.1 302 Moved Temporarily
Server: CouchDB/1.1.0 (Erlang OTP/R14B03)
Location: http://localhost:5984/cerbero/_design/cerbero/login.html?return=%2Ftestauth&reason=You%20are%20not%20authorized%20to%20access%20this%20db.
Date: Fri, 17 Jun 2011 11:57:41 GMT
Content-Type: text/plain;charset=utf-8
Content-Length: 78
Cache-Control: must-revalidate

{"error":"unauthorized","reason":"You are not authorized to access this db."}

$ curl -D- 'http://localhost:5984/testauth' -H 'Accept: text/html,*/*;q=0.1'
HTTP/1.1 401 Unauthorized
Server: CouchDB/1.1.0 (Erlang OTP/R14B03)
Date: Fri, 17 Jun 2011 11:57:55 GMT
Content-Type: text/plain;charset=utf-8
Content-Length: 78
Cache-Control: must-revalidate

{"error":"unauthorized","reason":"You are not authorized to access this db."}


This last one should give you the same "302 Moved Temporarily"
response as the previous one, because we accept "text/html".

The problem is that Firefox uses a similar Accept header, so it gets a
401 Unauthorized error instead of being redirected to the login page.

I think the problem was introduced by this commit:
https://github.com/apache/couchdb/commit/0264c51de7f281bc3b01d51e43831da2bcc741df

Is this a bug, or is it intended behaviour?

Thanks,
  Marcello
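
An added example, not part of the original message and not CouchDB's code: one way to evaluate an Accept header using HTTP quality values (RFC 7231, section 5.3.2), under which both `text/html,*/*;q=0.0` and `text/html,*/*;q=0.1` prefer HTML and would select the login redirect. The function names and the redirect policy in `wants_login_redirect` are assumptions made for illustration.

```python
def parse_accept(header):
    """Parse an Accept header into (type, subtype, q) tuples."""
    ranges = []
    for part in header.split(","):
        fields = [f.strip() for f in part.split(";")]
        media = fields[0].lower()
        if "/" not in media:
            continue  # skip empty or malformed media ranges
        mtype, subtype = media.split("/", 1)
        q = 1.0  # a range without a q parameter has quality 1
        for param in fields[1:]:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                try:
                    q = float(value)
                except ValueError:
                    q = 0.0
                if not 0.0 <= q <= 1.0:
                    q = 0.0  # invalid q: treat the range as not acceptable
        ranges.append((mtype, subtype, q))
    return ranges


def quality(media_type, ranges):
    """q of the most specific range matching media_type (0.0 if none)."""
    mtype, subtype = media_type.lower().split("/", 1)
    best_spec, best_q = -1, 0.0
    for r_type, r_sub, q in ranges:
        if (r_type, r_sub) == (mtype, subtype):
            spec = 2          # exact match, e.g. text/html
        elif r_type == mtype and r_sub == "*":
            spec = 1          # type wildcard, e.g. text/*
        elif (r_type, r_sub) == ("*", "*"):
            spec = 0          # full wildcard
        else:
            continue
        if spec > best_spec:
            best_spec, best_q = spec, q
    return best_q


def wants_login_redirect(accept_header):
    """Assumed policy: redirect only when HTML is strictly preferred to JSON."""
    ranges = parse_accept(accept_header)
    html_q = quality("text/html", ranges)
    return html_q > 0.0 and html_q > quality("application/json", ranges)


if __name__ == "__main__":
    # The two headers from the message, plus curl's default Accept: */*
    for h in ("text/html,*/*;q=0.0", "text/html,*/*;q=0.1", "*/*"):
        print(h, "->", "302" if wants_login_redirect(h) else "401")
```

The most specific matching range decides the quality, so an explicit `text/html;q=0` still refuses HTML even when `*/*` is also listed.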
