diff options
| author | Tommaso Stocchi <tommasostocchi@outlook.com> | 2021-01-02 18:18:47 +0100 |
|---|---|---|
| committer | Tommaso Stocchi <tommasostocchi@outlook.com> | 2021-01-02 18:18:47 +0100 |
| commit | a03880b687cf1b69c25bd8d207b2ebfb0c420571 (patch) | |
| tree | e6572ce705ca60b0e1af87efabd24afeb2482c0d | |
| parent | 7c7f2316faa36fbdd6044ae27e05823e317d167f (diff) | |
Improve get auth header parts using substring
| -rw-r--r-- | Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs | 49 |
1 files changed, 22 insertions, 27 deletions
diff --git a/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs b/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs index 855c61682..8fa20aea9 100644 --- a/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs +++ b/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs @@ -273,7 +273,7 @@ namespace Emby.Server.Implementations.HttpServer.Security { var param = item.Trim().Split('=', 2); - var value =param[1].Trim('"'); + var value = param[1].Trim('"'); result[param[0]] = NormalizeValue(value); } @@ -293,42 +293,37 @@ namespace Emby.Server.Implementations.HttpServer.Security public static string[] GetParts(string authtorizationHeader) { var result = new List<string>(); - var escapeChars = new[] {'"', ','}; + var escapeChars = new[] { '"', ',' }; var escaped = false; - var authtorizationHeaderChars = authtorizationHeader.ToCharArray(); - var value = new List<char>(); - - for(var i = 0; i < authtorizationHeaderChars.Length; i++) + int start = 0; + int i = 0; + while (i < authtorizationHeader.Length) { - if(!escapeChars.Contains(authtorizationHeaderChars[i])) - { - value = value.Append(authtorizationHeaderChars[i]).ToList(); - } - else + var token = authtorizationHeader[i]; + if (escapeChars.Contains(token)) { - // Applying a XOR logic to evaluate wether it is opening or closing a value - escaped = (!escaped) == (authtorizationHeaderChars[i] == '"'); - if(authtorizationHeaderChars[i] == ',') + // Applying a XOR logic to evaluate whether it is opening or closing a value + escaped = (!escaped) == (token == '"'); + if (token == ',' && !escaped) { - if(escaped) + // Meeting a comma after a closing escape char means the value is complete + if (start < i) { - value = value.Append(authtorizationHeaderChars[i]).ToList(); + result.Add(authtorizationHeader[start..(i)]); } - else - { - // Meeting a comma after a closing escape char means the value is complete - result.Add(new string(value.ToArray())); - value = new List<char>(); - } - } - else - { - value = value.Append(authtorizationHeaderChars[i]).ToList(); + + start = i + 1; } } + + i++; } + // Add last value - result.Add(new string(value.ToArray())); + if (start < i) + { + result.Add(authtorizationHeader[start..(i)]); + } return result.ToArray(); } |