[SHINDIG-1812] X-Shindig-St behaves differently when the security token is null between Firefox and WebKit browsers - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.5.0-beta2
Fix Version/s: 2.5.0-beta3
Component/s: Javascript
Labels:
None

Description

From Doug Davies:

Here's what I think it going on.

In io.js this code

var opt_headers =

{ 'X-Shindig-ST' : shindig.auth.getSecurityToken() }

;

behaves differently. Even though I see both browsers set it as follows:

{"X-Shindig-ST":null}

later on in UrlParameterAuthenticationHandler it's set to the STRING "null"
(not the value null) for webkit browsers.

// no token yet, see if it was attached as a header
if (StringUtils.isEmpty(token)) {
String t = request.getHeader( "X-Shindig-ST" );
if (StringUtils.isNotBlank(t))

{ token = t; }

}

This blows up during decryption:

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SHINDIG-1812.patch
26/Jun/12 17:04
0.6 kB
Stanton Sievers

Issue Links

is related to

SHINDIG-1768 Add shindig security token to makeRequest header

Resolved

Activity

People

Assignee:: Stanton Sievers

Reporter:: Stanton Sievers

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 25/Jun/12 22:02

Updated:: 02/May/13 02:30

Resolved:: 26/Jun/12 17:50