head_http.js (1158B)
1 /* Any copyright is dedicated to the Public Domain. 2 http://creativecommons.org/publicdomain/zero/1.0/ */ 3 4 /* import-globals-from head_global.js */ 5 6 var { CommonUtils } = ChromeUtils.importESModule( 7 "resource://services-common/utils.sys.mjs" 8 ); 9 10 function basic_auth_header(user, password) { 11 return "Basic " + btoa(user + ":" + CommonUtils.encodeUTF8(password)); 12 } 13 14 function basic_auth_matches(req, user, password) { 15 if (!req.hasHeader("Authorization")) { 16 return false; 17 } 18 19 let expected = basic_auth_header(user, CommonUtils.encodeUTF8(password)); 20 return req.getHeader("Authorization") == expected; 21 } 22 23 function httpd_basic_auth_handler(body, metadata, response) { 24 if (basic_auth_matches(metadata, "guest", "guest")) { 25 response.setStatusLine(metadata.httpVersion, 200, "OK, authorized"); 26 response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false); 27 } else { 28 body = "This path exists and is protected - failed"; 29 response.setStatusLine(metadata.httpVersion, 401, "Unauthorized"); 30 response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false); 31 } 32 response.bodyOutputStream.write(body, body.length); 33 }