1
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-23 22:27:38 -05:00
caddy/caddyhttp/basicauth
Matthew Holt 54acb9b2de
basicauth: Remove Authorization header on successful authz (issue #1324)
If a site owner protects a path with basicauth, no need
to use the Authorization header elsewhere upstream, especially since it
contains credentials.

If this breaks anyone, it means they're double-dipping. It's usually
good practice to clear out credentials as soon as they're not needed
anymore. (Note that we only clear credentials after they're used,
they stay for any other reason.)
2017-01-03 17:47:27 -07:00
..
basicauth.go basicauth: Remove Authorization header on successful authz (issue #1324) 2017-01-03 17:47:27 -07:00
basicauth_test.go basicauth: Remove Authorization header on successful authz (issue #1324) 2017-01-03 17:47:27 -07:00
setup.go Refactor how caddy.Context is stored and used 2016-06-20 11:59:23 -06:00
setup_test.go Refactor how caddy.Context is stored and used 2016-06-20 11:59:23 -06:00