buzzert/Kordophone
Private
Public Access
1
0
Fork 0
Code Packages Activity

updates: should really return 401 for bad auth instead of 404

Browse Source
This commit is contained in:
James Magahern
2025-06-16 19:18:14 -07:00
parent bb04bc4352
commit 800090542d
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
kordophone/Bridge/MBIMHTTPConnection.m
View File

@@ -17,6 +17,7 @@
#import <Security/Security.h> #import <Security/Security.h>
#import "HTTPMessage.h" #import "HTTPMessage.h"
#import "GCDAsyncSocket.h"
@interface HTTPConnection (/* INTERNAL */) @interface HTTPConnection (/* INTERNAL */)
- (BOOL)isAuthenticated; - (BOOL)isAuthenticated;
@@ -139,6 +140,14 @@
if (![self isAuthenticated] && ![queryAuthToken isValid]) { if (![self isAuthenticated] && ![queryAuthToken isValid]) {
NSLog(@"Websocket: auth invalid, rejecting."); NSLog(@"Websocket: auth invalid, rejecting.");
NSLog(@"Query Token: %@, raw: %@", queryAuthToken, authTokenString); NSLog(@"Query Token: %@, raw: %@", queryAuthToken, authTokenString);
// Respond with 401 unauthorized
HTTPMessage *response = [[HTTPMessage alloc] initResponseWithStatusCode:401 description:nil version:HTTPVersion1_1];
[response setHeaderField:@"Content-Length" value:@"0"];
NSData *responseData = [self preprocessErrorResponse:response];
[asyncSocket writeData:responseData withTimeout:30 tag:90];
return nil; return nil;
} }