Skip to content

Commit

Permalink
Ensure basic auth and body are only tested if explicitly set
Browse files Browse the repository at this point in the history
  • Loading branch information
marc-gr committed Sep 27, 2021
1 parent b648de1 commit 9e0e833
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 1 deletion.
8 changes: 8 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,14 @@ This project adheres to [Semantic Versioning](http://semver.org/).

## [Unreleased]

### Added

- Added file template helper function. [#25](https://github.com/elastic/stream/pull/25)

### Fixed

- Ensure basic auth and body are only tested if explicitly set. [#28](https://github.com/elastic/stream/pull/28)

## [0.5.0]

- Added option to set up custom buffer size for the log reader. [#22](https://github.com/elastic/stream/pull/22)
Expand Down
11 changes: 10 additions & 1 deletion pkg/httpserver/httpserver.go
Original file line number Diff line number Diff line change
Expand Up @@ -173,10 +173,19 @@ func newHandlerFromConfig(config *config, logger *zap.SugaredLogger) (http.Handl

route.MatcherFunc(func(r *http.Request, rm *mux.RouteMatch) bool {
user, password, _ := r.BasicAuth()
return rule.User == user && rule.Password == password
if rule.User != "" && user != rule.User {
return false
}
if rule.Password != "" && password != rule.Password {
return false
}
return true
})

route.MatcherFunc(func(r *http.Request, rm *mux.RouteMatch) bool {
if rule.RequestBody == "" {
return true
}
body, err := ioutil.ReadAll(r.Body)
if err != nil {
return false
Expand Down

0 comments on commit 9e0e833

Please sign in to comment.