[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bug in url-get-authentication

From: John Wiegley
Subject: Bug in url-get-authentication
Date: Mon, 10 Dec 2007 14:40:11 -0400

At the bottom of url-get-authentication, there is a sexp that looks like this:

  (if (and scheme (fboundp scheme))
          (funcall scheme url prompt
                   (and prompt
                        (funcall scheme url nil nil realm args))
                   realm args))

What this says is that if the scheme succeeds, the same function is called again and the user/pass authentication info overwrites whatever was previously stored. However, if prompt is t, the user gets prompted _every_ time a page requiring authentication is accessed -- even if they have already successfully authenticated. This is because there is an (or (and (not retval) prompt) overwrite) sexp inside url- digest-auth, meaning that overwrite true == show prompt, even if authentication succeeded on the previous pass.

The solution to this is yet another version of url-digest-auth (which includes my previous fix):

Attachment: url-digest-auth.el
Description: Binary data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]