Fixed http digest authentication to use credentials URI passed from client. [#1848 state:resolved]

Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
author: Donald Parish <donald.parish@buckle.com> 2009-02-16 20:19:54 +0100
committer: Pratik Naik <pratiknaik@gmail.com> 2009-02-16 20:20:23 +0100
commit: 86d8f922828677e64892c166adf26cd421f0991a (patch)
tree: f8100f437dd661d9f7cceb3ea6e8ad2b0c50bf95 /actionpack/lib/action_controller
parent: 238a6bb62dc153743a0abc6eb1e35392ac799d65 (diff)
download: rails-86d8f922828677e64892c166adf26cd421f0991a.tar.gz
rails-86d8f922828677e64892c166adf26cd421f0991a.tar.bz2
rails-86d8f922828677e64892c166adf26cd421f0991a.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/http_authentication.rb b/actionpack/lib/action_controller/http_authentication.rb
index 5d915fda08..2ccbc22420 100644
--- a/actionpack/lib/action_controller/http_authentication.rb
+++ b/actionpack/lib/action_controller/http_authentication.rb
@@ -183,7 +183,7 @@ module ActionController
 
         if valid_nonce && realm == credentials[:realm] && opaque(request.session.session_id) == credentials[:opaque]
           password = password_procedure.call(credentials[:username])
-          expected = expected_response(request.env['REQUEST_METHOD'], request.url, credentials, password)
+          expected = expected_response(request.env['REQUEST_METHOD'], credentials[:uri], credentials, password)
           expected == credentials[:response]
         end
       end
author	Donald Parish <donald.parish@buckle.com>	2009-02-16 20:19:54 +0100
committer	Pratik Naik <pratiknaik@gmail.com>	2009-02-16 20:20:23 +0100
commit	86d8f922828677e64892c166adf26cd421f0991a (patch)
tree	f8100f437dd661d9f7cceb3ea6e8ad2b0c50bf95 /actionpack/lib/action_controller
parent	238a6bb62dc153743a0abc6eb1e35392ac799d65 (diff)
download	rails-86d8f922828677e64892c166adf26cd421f0991a.tar.gz rails-86d8f922828677e64892c166adf26cd421f0991a.tar.bz2 rails-86d8f922828677e64892c166adf26cd421f0991a.zip