voussoir/else
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix password check when auth_cookie is http.cookies.Morsel.

Browse source
This commit is contained in:
voussoir 2021-11-22 12:35:45 -08:00
parent 954c4c16b0
commit 7a7c179997
No known key found for this signature in database
GPG key ID: 5F7554F8C26DACCB
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
SimpleServer/simpleserver.py
View file

@ -116,7 +116,11 @@ class RequestHandler(http.server.BaseHTTPRequestHandler):
if self.auth_header == self.server.password: if self.auth_header == self.server.password:
return True return True
if self.server.accepted_tokens is not None and self.auth_cookie in self.server.accepted_tokens: cookie = self.auth_cookie
if isinstance(cookie, http.cookies.Morsel):
cookie = cookie.value
if self.server.accepted_tokens is not None and cookie in self.server.accepted_tokens:
return True return True
if self.server.accepted_ips is not None and self.remote_addr in self.server.accepted_ips: if self.server.accepted_ips is not None and self.remote_addr in self.server.accepted_ips: