Authorization scheme should be case insensitive. Fixes #21199

author: Dennis Suratna <dennis.suratna@gmail.com> 2015-08-11 15:25:38 -0700
committer: Dennis Suratna <dennis.suratna@gmail.com> 2015-08-11 15:59:44 -0700
commit: dec2f52fa494c5adf8805ec227ed60d911a6fb4a (patch)
tree: ec32e762aad8afbafa55af9e8486c3a4d36355e3 /actionpack/lib/action_controller/metal/http_authentication.rb
parent: 17eb64213a86d14ebe44a1215f2408065fa2634a (diff)
download: rails-dec2f52fa494c5adf8805ec227ed60d911a6fb4a.tar.gz
rails-dec2f52fa494c5adf8805ec227ed60d911a6fb4a.tar.bz2
rails-dec2f52fa494c5adf8805ec227ed60d911a6fb4a.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/metal/http_authentication.rb b/actionpack/lib/action_controller/metal/http_authentication.rb
index 032275ac64..bbb38cf8fc 100644
--- a/actionpack/lib/action_controller/metal/http_authentication.rb
+++ b/actionpack/lib/action_controller/metal/http_authentication.rb
@@ -94,7 +94,7 @@ module ActionController
       end
 
       def has_basic_credentials?(request)
-        request.authorization.present? && (auth_scheme(request) == 'Basic')
+        request.authorization.present? && (auth_scheme(request).downcase == 'basic')
       end
 
       def user_name_and_password(request)
author	Dennis Suratna <dennis.suratna@gmail.com>	2015-08-11 15:25:38 -0700
committer	Dennis Suratna <dennis.suratna@gmail.com>	2015-08-11 15:59:44 -0700
commit	dec2f52fa494c5adf8805ec227ed60d911a6fb4a (patch)
tree	ec32e762aad8afbafa55af9e8486c3a4d36355e3 /actionpack/lib/action_controller/metal/http_authentication.rb
parent	17eb64213a86d14ebe44a1215f2408065fa2634a (diff)
download	rails-dec2f52fa494c5adf8805ec227ed60d911a6fb4a.tar.gz rails-dec2f52fa494c5adf8805ec227ed60d911a6fb4a.tar.bz2 rails-dec2f52fa494c5adf8805ec227ed60d911a6fb4a.zip