diff options
author | Ed Tanous <ed.tanous@intel.com> | 2019-08-01 02:52:24 +0300 |
---|---|---|
committer | Ed Tanous <ed.tanous@intel.com> | 2019-08-02 19:30:41 +0300 |
commit | fdf43a3fc87728ca0455c1ee2931be821f83b51d (patch) | |
tree | dc06f0ef6d016673761784056b61f73623ac8a24 /include | |
parent | c619141b47d5aaa5227a2a9ef0ef8ee6f0bef22f (diff) | |
download | bmcweb-fdf43a3fc87728ca0455c1ee2931be821f83b51d.tar.xz |
Ignore charset for /login attempts
bmcweb fails when attempting to login with a Content header of
application/json; charset=utf8. This is because of an exact string
compare. This commit changes the check to only check the begining of
the string, and adds some logging to make it more clear when we hit this
in the future.
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: I972a80c174a18295205340271b781c9d6693ee17
Diffstat (limited to 'include')
-rw-r--r-- | include/token_authorization_middleware.hpp | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/include/token_authorization_middleware.hpp b/include/token_authorization_middleware.hpp index ee34d00508..2ff3879bec 100644 --- a/include/token_authorization_middleware.hpp +++ b/include/token_authorization_middleware.hpp @@ -283,12 +283,13 @@ template <typename... Middlewares> void requestRoutes(Crow<Middlewares...>& app) // within it are not destroyed before we can use them nlohmann::json loginCredentials; // Check if auth was provided by a payload - if (contentType == "application/json") + if (boost::starts_with(contentType, "application/json")) { loginCredentials = nlohmann::json::parse(req.body, nullptr, false); if (loginCredentials.is_discarded()) { + BMCWEB_LOG_DEBUG << "Bad json in request"; res.result(boost::beast::http::status::bad_request); res.end(); return; @@ -424,6 +425,7 @@ template <typename... Middlewares> void requestRoutes(Crow<Middlewares...>& app) } else { + BMCWEB_LOG_DEBUG << "Couldn't interpret password"; res.result(boost::beast::http::status::bad_request); } res.end(); |