Fixes #178 support colon in Password field.

97d26279 · Aleffio · 0b4a91f1 · 97d26279
Commit 97d26279 authored Aug 23, 2017 by Aleffio
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 6 deletions

Controller/Process/Json.php Controller/Process/Json.php +9 -6

No files found.
--- a/Controller/Process/Json.php
+++ b/Controller/Process/Json.php
@@ -300,22 +300,25 @@ class Json extends \Magento\Framework\App\Action\Action
     */
    protected function _fixCgiHttpAuthentication()
    {
-        if (isset($_SERVER['REDIRECT_REMOTE_AUTHORIZATION']) &&
+        // do nothing if values are already there
+        if(!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
+            return;
+        } elseif (isset($_SERVER['REDIRECT_REMOTE_AUTHORIZATION']) &&
            $_SERVER['REDIRECT_REMOTE_AUTHORIZATION'] != '') {
            list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
-                explode(':', base64_decode($_SERVER['REDIRECT_REMOTE_AUTHORIZATION']));
+                explode(':', base64_decode($_SERVER['REDIRECT_REMOTE_AUTHORIZATION']),2);
        } elseif (!empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
            list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
-                explode(':', base64_decode(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 6)));
+                explode(':', base64_decode(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 6)),2);
        } elseif (!empty($_SERVER['HTTP_AUTHORIZATION'])) {
            list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
-                explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
+                explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)),2);
        } elseif (!empty($_SERVER['REMOTE_USER'])) {
            list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
-                explode(':', base64_decode(substr($_SERVER['REMOTE_USER'], 6)));
+                explode(':', base64_decode(substr($_SERVER['REMOTE_USER'], 6)),2);
        } elseif (!empty($_SERVER['REDIRECT_REMOTE_USER'])) {
            list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
-                explode(':', base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6)));
+                explode(':', base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6)),2);
        }
    }