curl/tests/data/test675
Daniel Stenberg 46620b9743
http: use credentials from transfer, not connection
HTTP auth "accidentally" worked before this cleanup since the code would
always overwrite the connection credentials with the credentials from
the most recent transfer and since HTTP auth is typically done first
thing, this has not been an issue. It was still wrong and subject to
possible race conditions or future breakage if the sequence of functions
would change.

The data.set.str[] strings MUST remain unmodified exactly as set by the
user, and the credentials to use internally are instead set/updated in
state.aptr.*

Added test 675 to verify different credentials used in two requests done
over a reused HTTP connection, which previously behaved wrongly.

Fixes #6542
Closes #6545
2021-02-13 22:36:15 +01:00

56 lines
889 B
Plaintext

<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Basic auth
</keywords>
</info>
# Server-side
<reply>
<data>
HTTP/1.1 200 OK swsclose
Date: Thu, 09 Nov 2010 14:49:00 GMT
Content-Type: text/html
Content-Length: 26
the content would go here
</data>
</reply>
# Client-side
<client>
<server>
http
</server>
<name>
HTTP connection re-use and different credentials
</name>
<command>
http://user1:foo1@%HOSTIP:%HTTPPORT/user1/675 http://user2:foo2@%HOSTIP:%HTTPPORT/user2/675
</command>
<features>
proxy
</features>
</client>
# Verify data after the test has been "shot"
<verify>
<protocol>
GET /user1/675 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: Basic dXNlcjE6Zm9vMQ==
User-Agent: curl/%VERSION
Accept: */*
GET /user2/675 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: Basic dXNlcjI6Zm9vMg==
User-Agent: curl/%VERSION
Accept: */*
</protocol>
</verify>
</testcase>