Use better way of getting headers

author: David T. Sadler <davidtsadler@googlemail.com> 2021-07-07 23:14:08 +0100
committer: David T. Sadler <davidtsadler@googlemail.com> 2021-07-07 23:14:08 +0100
commit: dc1b64dced300f733497e0a99343ebb1d9f535b3 (patch)
tree: a200ae7b35922b98ad54aa978f8a96e94c2c8753 /public
parent: 6b6246b094289df09a1a7116d52528f21aefc028 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/public/bookmarks/add/index.php b/public/bookmarks/add/index.php
index 18db75f..5480361 100644
--- a/public/bookmarks/add/index.php
+++ b/public/bookmarks/add/index.php
@@ -9,7 +9,10 @@ $config = require_once(__DIR__.'/../../../config.php');
 if ('POST' !== filter_input(INPUT_SERVER, 'REQUEST_METHOD')) {
     respondAndExit(405, 'Method Not Allowed');
 }
-if ('Bearer '.$config['bearer_token'] !== filter_input(INPUT_SERVER, 'HTTP_AUTHORIZATION')) {
+
+$bearerToken = getallheaders()['Authorization'] ?? null;
+
+if ('Bearer '.$config['bearer_token'] !== $bearerToken) {
     respondAndExit(401, 'Unauthorized', ['WWW-Authenticate: Bearer realm="Bookmarks"']);
 }
author	David T. Sadler <davidtsadler@googlemail.com>	2021-07-07 23:14:08 +0100
committer	David T. Sadler <davidtsadler@googlemail.com>	2021-07-07 23:14:08 +0100
commit	dc1b64dced300f733497e0a99343ebb1d9f535b3 (patch)
tree	a200ae7b35922b98ad54aa978f8a96e94c2c8753 /public
parent	6b6246b094289df09a1a7116d52528f21aefc028 (diff)