Asset downloader: send credentials when URI authority is the same, even if the default port is explicitly given

2024-10-15 15:59:18 +00:00 · 2015-07-28 16:22:50 +02:00 · 2015-07-28 16:22:50 +02:00 · 25675d4567
parent ca68e59b60
commit 25675d4567
1 changed files with 11 additions and 6 deletions
--- a/app/src/main/java/at/bitfire/davdroid/resource/RemoteCollection.java
+++ b/app/src/main/java/at/bitfire/davdroid/resource/RemoteCollection.java
@ -206,16 +206,21 @@ public abstract class RemoteCollection<T extends Resource> {
                if (!uri.isAbsolute())
                    throw new URISyntaxException(uri.toString(), "URI referenced from entity must be absolute");

-                if (uri.getScheme().equalsIgnoreCase(baseURI.getScheme()) &&
-                        uri.getAuthority().equalsIgnoreCase(baseURI.getAuthority())) {
-                    // resource is on same server, send Authorization
+	            // send credentials when asset has same URI authority as baseURI
+	            // we have to construct these helper URIs because
+	            // "https://server:443" is NOT equal to "https://server" otherwise
+	            URI     baseUriAuthority = new URI(baseURI.getScheme(), null, baseURI.getHost(), baseURI.getPort(), null, null, null),
+			            assetUriAuthority = new URI(uri.getScheme(), null, uri.getHost(), baseURI.getPort(), null, null, null);
+
+                if (baseUriAuthority.equals(assetUriAuthority)) {
+	                Log.d(TAG, "Asset is on same server, sending credentials");
                    WebDavResource file = new WebDavResource(collection, uri);
                    file.get("image/*");
                    return file.getContent();
-                } else {
-                    // resource is on an external server, don't send Authorization
+
+                } else
+	                // resource is on an external server, don't send credentials
                    return IOUtils.toByteArray(uri);
-                }
            }
        };
 	}