From d952ac01cb4cd4ae5ceb0c8cc079acf595ff9747 Mon Sep 17 00:00:00 2001
From: Robert Newson <rnewson@apache.org>
Date: Mon, 23 May 2011 21:26:00 +0000
Subject: Fix authentication. Jquery append "*.*" to accept  by default so if
 we test text/html first it will alway be true. Then test first if
 application/json was given and then test if text/html then others.

Backported from trunk (related to COUCHDB-1175).

git-svn-id: https://svn.apache.org/repos/asf/couchdb/branches/1.1.x@1126759 13f79535-47bb-0310-9956-ffa450edef68
---
 src/couchdb/couch_httpd.erl | 39 ++++++++++++++++++++++-----------------
 1 file changed, 22 insertions(+), 17 deletions(-)

(limited to 'src')

diff --git a/src/couchdb/couch_httpd.erl b/src/couchdb/couch_httpd.erl
index 73d214e8..7c7781f6 100644
--- a/src/couchdb/couch_httpd.erl
+++ b/src/couchdb/couch_httpd.erl
@@ -764,24 +764,29 @@ error_headers(#httpd{mochi_req=MochiReq}=Req, Code, ErrorStr, ReasonStr) ->
                             % send the browser popup header no matter what if we are require_valid_user
                             {Code, [{"WWW-Authenticate", "Basic realm=\"server\""}]};
                         _False ->
-                            case MochiReq:accepts_content_type("text/html") of
-                            false ->
-                                {Code, []};
+                            case MochiReq:accepts_content_type("application/json") of
                             true ->
-                                % Redirect to the path the user requested, not
-                                % the one that is used internally.
-                                UrlReturnRaw = case MochiReq:get_header_value("x-couchdb-vhost-path") of
-                                undefined ->
-                                    MochiReq:get(path);
-                                VHostPath ->
-                                    VHostPath
-                                end,
-                                RedirectLocation = lists:flatten([
-                                    AuthRedirect,
-                                    "?return=", couch_util:url_encode(UrlReturnRaw),
-                                    "&reason=", couch_util:url_encode(ReasonStr)
-                                ]),
-                                {302, [{"Location", absolute_uri(Req, RedirectLocation)}]}
+                                {Code, []};
+                            false ->
+                                case MochiReq:accepts_content_type("text/html") of
+                                true ->
+                                    % Redirect to the path the user requested, not
+                                    % the one that is used internally.
+                                    UrlReturnRaw = case MochiReq:get_header_value("x-couchdb-vhost-path") of
+                                    undefined ->
+                                        MochiReq:get(path);
+                                    VHostPath ->
+                                        VHostPath
+                                    end,
+                                    RedirectLocation = lists:flatten([
+                                        AuthRedirect,
+                                        "?return=", couch_util:url_encode(UrlReturnRaw),
+                                        "&reason=", couch_util:url_encode(ReasonStr)
+                                    ]),
+                                    {302, [{"Location", absolute_uri(Req, RedirectLocation)}]};
+                                false ->
+                                    {Code, []}
+                                end
                             end
                         end
                     end;
-- 
cgit v1.2.3