wsgitools.digest: relax checking of PATH_INFO

Apache mod_proxy_scgi seems to insert an additional slash at the start of PATH_INFO deal with this rather than rejecting authentication.
author: Helmut Grohne <helmut@subdivi.de> 2022-12-06 19:33:26 +0100
committer: Helmut Grohne <helmut@subdivi.de> 2022-12-06 19:33:26 +0100
commit: 19c246e988335de7c2644544b269b021815cc051 (patch)
tree: 041924bcd5ecf817ca6776615ef77f90686b25b1
parent: ee2b69cef7dc89d275364f4809ee9e0318b59509 (diff)
download: wsgitools-19c246e988335de7c2644544b269b021815cc051.tar.gz
1 files changed, 7 insertions, 3 deletions
diff --git a/wsgitools/digest.py b/wsgitools/digest.py
index ffdf063..5b101e5 100644
--- a/wsgitools/digest.py
+++ b/wsgitools/digest.py
@@ -688,10 +688,14 @@ def check_uri(credentials, environ):
         if not uri.startswith(environ["SCRIPT_NAME"]):
             raise AuthenticationRequired("url mismatch")
         uri = uri[len(environ["SCRIPT_NAME"]):]
-    if environ.get("PATH_INFO"):
-        if not uri.startswith(environ["PATH_INFO"]):
+    path_info = environ.get("PATH_INFO")
+    if path_info:
+        if uri.startswith(path_info):
+            uri = uri[len(path_info):]
+        elif path_info.startswith("/") and uri.startswith(path_info[1:]):
+            uri = uri[len(path_info)-1:]
+        else:
             raise AuthenticationRequired("url mismatch")
-        uri = uri[len(environ["PATH_INFO"]):]
     if uri not in ('', '?'):
         raise AuthenticationRequired("url mismatch")
author	Helmut Grohne <helmut@subdivi.de>	2022-12-06 19:33:26 +0100
committer	Helmut Grohne <helmut@subdivi.de>	2022-12-06 19:33:26 +0100
commit	19c246e988335de7c2644544b269b021815cc051 (patch)
tree	041924bcd5ecf817ca6776615ef77f90686b25b1
parent	ee2b69cef7dc89d275364f4809ee9e0318b59509 (diff)
download	wsgitools-19c246e988335de7c2644544b269b021815cc051.tar.gz