diff options
| author | David T. Sadler <davidtsadler@googlemail.com> | 2021-07-08 12:33:56 +0100 |
|---|---|---|
| committer | David T. Sadler <davidtsadler@googlemail.com> | 2021-07-08 12:33:56 +0100 |
| commit | 5f58f7e509a07219a30cc8a831f2e5d1bcd83a10 (patch) | |
| tree | 97598c0953327a58cb3faba255be3de471114c10 /public | |
| parent | dc1b64dced300f733497e0a99343ebb1d9f535b3 (diff) | |
Use .htaccess in order to get bearer token from $_SERVER
Diffstat (limited to 'public')
| -rw-r--r-- | public/bookmarks/add/index.php | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/public/bookmarks/add/index.php b/public/bookmarks/add/index.php index 5480361..7df8ced 100644 --- a/public/bookmarks/add/index.php +++ b/public/bookmarks/add/index.php @@ -10,9 +10,7 @@ if ('POST' !== filter_input(INPUT_SERVER, 'REQUEST_METHOD')) { respondAndExit(405, 'Method Not Allowed'); } -$bearerToken = getallheaders()['Authorization'] ?? null; - -if ('Bearer '.$config['bearer_token'] !== $bearerToken) { +if ('Bearer '.$config['bearer_token'] !== filter_input(INPUT_SERVER, 'HTTP_AUTHORIZATION')) { respondAndExit(401, 'Unauthorized', ['WWW-Authenticate: Bearer realm="Bookmarks"']); } |