# HG changeset patch # User Kim Alvefur # Date 1720972884 -7200 # Node ID 2739d3db591f81c75b46627c54cdcb578fd54ed6 # Parent d5e6617e47ccc718e3f0d9ffc692d56609a3a502 mod_rest: Normalize case after filtering out non-match Prevents an attempt to index a nil value diff -r d5e6617e47cc -r 2739d3db591f mod_rest/mod_rest.lua --- a/mod_rest/mod_rest.lua Sun Jul 14 17:58:48 2024 +0200 +++ b/mod_rest/mod_rest.lua Sun Jul 14 18:01:24 2024 +0200 @@ -53,10 +53,10 @@ local function check_credentials(request) -- > session | boolean, error local auth_type, auth_data = string.match(request.headers.authorization, "^(%S+)%s(.+)$"); - auth_type = auth_type:lower(); if not (auth_type and auth_data) or not auth_mechanisms:contains(auth_type) then return nil, post_errors.new("noauthz", { request = request }); end + auth_type = auth_type:lower(); if auth_type == "basic" then local creds = base64.decode(auth_data);