| -rw-r--r-- | .htaccess | 5 | ||||
| -rw-r--r-- | public/bookmarks/add/index.php | 4 |
2 files changed, 6 insertions, 3 deletions
diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..f0da25f
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1,5 @@
+<IfModule mod_rewrite.c>
+ # Handle Authorization Header.
+ RewriteCond %{HTTP:Authorization} .
+ RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+</IfModule>
diff --git a/public/bookmarks/add/index.php b/public/bookmarks/add/index.php
index 5480361..7df8ced 100644
--- a/public/bookmarks/add/index.php
+++ b/public/bookmarks/add/index.php
@@ -10,9 +10,7 @@ if ('POST' !== filter_input(INPUT_SERVER, 'REQUEST_METHOD')) {
 respondAndExit(405, 'Method Not Allowed');
 }
 
-$bearerToken = getallheaders()['Authorization'] ?? null;
-
-if ('Bearer '.$config['bearer_token'] !== $bearerToken) {
+if ('Bearer '.$config['bearer_token'] !== filter_input(INPUT_SERVER, 'HTTP_AUTHORIZATION')) {
 respondAndExit(401, 'Unauthorized', ['WWW-Authenticate: Bearer realm="Bookmarks"']);
 }
 
|
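Review bot: The new `.htaccess` sits at the repository root while the endpoint it serves lives under `public/`, so whether Apache reads it depends on which directory is the DocumentRoot and where `AllowOverride` is enabled, neither of which is visible here. If `public/` is the DocumentRoot, a parent-directory `.htaccess` is usually not consulted and `HTTP_AUTHORIZATION` would stay unset; if the repository root is served instead, everything outside `public/` (presumably including whatever file holds `bearer_token`) becomes reachable over HTTP. The `<IfModule mod_rewrite.c>` wrapper also makes a missing module silent, so I would add a comment such as `# Required by public/bookmarks/add/index.php: without this the bearer check always returns 401` and state the intended DocumentRoot in the README.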
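Review bot: The added `if` line still compares the bearer secret with `!==`, which is not a constant-time comparison and can leak how much of the token matched through response timing. Reading the header into a variable and using `hash_equals()` closes that, with a type guard because `filter_input()` returns null when `HTTP_AUTHORIZATION` is absent: `$auth = filter_input(INPUT_SERVER, 'HTTP_AUTHORIZATION');` followed by `if (!is_string($auth) || !hash_equals('Bearer '.$config['bearer_token'], $auth)) {`. The loading of `$config` is outside the hunk, so it is worth confirming that an empty or missing `bearer_token` is rejected at startup; otherwise a request sending just `Bearer ` would pass this check. The script continues outside the hunk on both sides.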
