View Issue Details

Related ChangesetsJump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0006737Talermechant backendpublic2021-02-04 18:182024-01-12 14:04
ReporterFlorian Dold Assigned ToChristian Grothoff  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Versiongit (master) 
Target Version0.8Fixed in Version0.8 
Summary0006737: merchant should allow requests if authorization is not required, but "foreign" Authorization header is present
DescriptionThe merchant backend currently checks the syntax of the "Authorization" header before even checking if authorization is needed. The merchant *only* accepts bearer tokens in the Authorization header.

This complicates the deployment of the merchant backend where the reverse proxy handles authentication. The reverse proxy might not remove the authentication header before giving the request to the merchant backend.
TagsNo tags attached.

Activities

Christian Grothoff

2021-02-04 18:35

manager   ~0017497

Should be fixed in e919d68..00c0256

Christian Grothoff

2021-09-02 18:23

manager   ~0018362

Fix committed to master branch.

Related Changesets

merchant: master 00c02568

2021-02-04 19:27

Christian Grothoff


Details Diff		 fix 0006737 Affected Issues
0006737
mod - src/backend/taler-merchant-httpd.c Diff File

Issue History

Date Modified Username Field Change
2021-02-04 18:18 Florian Dold New Issue
2021-02-04 18:18 Florian Dold Status new => assigned
2021-02-04 18:18 Florian Dold Assigned To => Christian Grothoff
2021-02-04 18:35 Christian Grothoff Status assigned => resolved
2021-02-04 18:35 Christian Grothoff Resolution open => fixed
2021-02-04 18:35 Christian Grothoff Fixed in Version => 0.9
2021-02-04 18:35 Christian Grothoff Note Added: 0017497
2021-02-04 18:35 Christian Grothoff Fixed in Version 0.9 => 0.8.1
2021-07-30 14:02 Christian Grothoff Fixed in Version 0.8.1 => 0.8
2021-07-30 14:02 Christian Grothoff Target Version 0.8.1 => 0.8
2021-08-24 16:23 Christian Grothoff Status resolved => closed
2021-09-02 18:22 Christian Grothoff Changeset attached => Taler-merchant master 00c02568
2021-09-02 18:23 Christian Grothoff Note Added: 0018362
2024-01-12 14:04 Christian Grothoff Category merchant backend API (C) => mechant backend