diff options
| author | Lars Ingebrigtsen <larsi@gnus.org> | 2022-03-06 17:41:18 +0100 |
|---|---|---|
| committer | Lars Ingebrigtsen <larsi@gnus.org> | 2022-03-06 17:41:28 +0100 |
| commit | 56bdfe78208149fa864842d47bfd08d1bc4d6d10 (patch) | |
| tree | 855b5664f0a61fe4b383c6322d528e5e4ce96149 /lisp/url/url-auth.el | |
| parent | 93c2daa33d3aac7c61f322c9d21f3ccab7bdcd4a (diff) | |
| download | emacs-56bdfe78208149fa864842d47bfd08d1bc4d6d10.tar.gz | |
Fix problem with fetching images via Cloudflare
* lisp/url/url-http.el (url-http): Factor out url-interactive-p.
* lisp/url/url-auth.el (url-basic-auth):
(url-basic-auth):
(url-digest-prompt-creds): Use it to not query the user.
* lisp/url/url-queue.el (url-queue-start-retrieve): Don't send a
bogus empty Authorization header (bug#54246) -- this triggers
Cloudflare's anti-attack software. Instead rely on
url-request-noninteractive.
* lisp/url/url-vars.el (url-interactive-p): New utility function.
Diffstat (limited to 'lisp/url/url-auth.el')
| -rw-r--r-- | lisp/url/url-auth.el | 26 |
1 files changed, 16 insertions, 10 deletions
diff --git a/lisp/url/url-auth.el b/lisp/url/url-auth.el index 585010d21c5..dd658b1b68b 100644 --- a/lisp/url/url-auth.el +++ b/lisp/url/url-auth.el @@ -87,11 +87,13 @@ instead of the filename inheritance method." ((and prompt (not byserv)) (setq user (or (url-do-auth-source-search server type :user) - (read-string (url-auth-user-prompt href realm) - (or user (user-real-login-name)))) + (and (url-interactive-p) + (read-string (url-auth-user-prompt href realm) + (or user (user-real-login-name))))) pass (or (url-do-auth-source-search server type :secret) - (read-passwd "Password: " nil (or pass "")))) + (and (url-interactive-p) + (read-passwd "Password: " nil (or pass ""))))) (set url-basic-auth-storage (cons (list server (cons file @@ -117,11 +119,13 @@ instead of the filename inheritance method." (progn (setq user (or (url-do-auth-source-search server type :user) - (read-string (url-auth-user-prompt href realm) - (user-real-login-name))) + (and (url-interactive-p) + (read-string (url-auth-user-prompt href realm) + (user-real-login-name)))) pass (or (url-do-auth-source-search server type :secret) - (read-passwd "Password: ")) + (and (url-interactive-p) + (read-passwd "Password: "))) retval (base64-encode-string (format "%s:%s" user pass) t) byserv (assoc server (symbol-value url-basic-auth-storage))) (setcdr byserv @@ -233,11 +237,13 @@ CREDS is a plist that may have properties `:user' and `:secret'." ;; plist-put modify the same plist. (setq creds (plist-put creds :user - (read-string (url-auth-user-prompt url realm) - (or (plist-get creds :user) - (user-real-login-name))))) + (and (url-interactive-p) + (read-string (url-auth-user-prompt url realm) + (or (plist-get creds :user) + (user-real-login-name)))))) (plist-put creds :secret - (read-passwd "Password: " nil (plist-get creds :secret)))) + (and (url-interactive-p) + (read-passwd "Password: " nil (plist-get creds :secret))))) (defun url-digest-auth-directory-id-assoc (dirkey keylist) "Find the best match for DIRKEY in key alist KEYLIST. |