1
0
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2022-11-09 12:18:31 -05:00

set WWW-Authenticate header on http_auth if request is not xhr

This commit is contained in:
Santiago Pastorino 2010-09-01 05:29:28 +08:00 committed by José Valim
parent 736654e1bc
commit e582112369
2 changed files with 2 additions and 2 deletions

View file

@ -33,7 +33,7 @@ module Devise
def http_auth def http_auth
self.status = 401 self.status = 401
self.headers["WWW-Authenticate"] = %(Basic realm=#{Devise.http_authentication_realm.inspect}) self.headers["WWW-Authenticate"] = %(Basic realm=#{Devise.http_authentication_realm.inspect}) unless request.xhr?
self.content_type = request.format.to_s self.content_type = request.format.to_s
self.response_body = http_auth_body self.response_body = http_auth_body
end end

View file

@ -99,7 +99,7 @@ class FailureTest < ActiveSupport::TestCase
swap Devise, :http_authenticatable_on_xhr => true do swap Devise, :http_authenticatable_on_xhr => true do
call_failure('formats' => :html, 'HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest') call_failure('formats' => :html, 'HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest')
assert_equal 401, @response.first assert_equal 401, @response.first
assert_equal 'Basic realm="Application"', @response.second["WWW-Authenticate"] assert_nil @response.second['WWW-Authenticate']
end end
end end