Hi Edi,
I found a bug in AUTHORIZATION.
If I click the "Authorization" link on the Hunchentoot test page and submit an empty username and password, instead of prompting me again, the server returns `Internal Server Error'.
In this case, the call to SPLIT returns nil, which does not match the DESTRUCTURING-BIND lambda list. My first reaction was simply to rewrite the DESTRUCTURING-BIND to permit a nil username as well as password:
(destructuring-bind (&optional user password) (split ":" (base64:base64-string-to-string (subseq authorization start))) (values user password))
Then, we would get (VALUES NIL NIL), which would seem consistent with the documentation. However, I also realised that AUTHORIZATION will return just nil if the auth header doesn't exist. Should that be documented?
Here's my environment:
* Hunchentoot 0.4.4 (no Apache, no mod_lisp) * latest versions (as of today) of dependencies * LispWorks 4.4.6 * OS X 10.4.8 * Safari 2.0.4 * Firefox 1.5.0.7
Regards,
Mike
P.S. Started migrating our apps from Portable AllegroServe to Hunchentoot this past week. Very pleased with the API and performance. Thanks!
-- Michael J. Forster mike@sharedlogic.ca
On 2006-10-22, at 15:53, Arthur Lemmens wrote:
Michael Forster wrote:
Hi Edi
Edi is on vacation this week and probably won't be reading his email until October 29.
Arthur Lemmens
Thanks, Arthur.
-- Michael J. Forster mike@sharedlogic.ca
[Returned from vacation earlier than planned.]
Hi Michael!
On Sun, 22 Oct 2006 11:48:47 -0500, "Michael J. Forster" mike@sharedlogic.ca wrote:
I found a bug in AUTHORIZATION.
Thanks for the report, I've released a new version which should fix that.
Cheers, Edi.
-
Arthur Lemmens -
Edi Weitz -
Michael J. Forster