From 1b3e655f89e233c27d36c8618ef37dd820c580f6 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Mon, 23 May 2022 08:42:16 +0300 Subject: [PATCH] use CURLAUTH_BASIC by default for password-protected feeds, keeping CURLAUTH_ANY as a fallback in case we got a 403. --- classes/urlhelper.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/classes/urlhelper.php b/classes/urlhelper.php index 92e7f90df..bb51f5d06 100644 --- a/classes/urlhelper.php +++ b/classes/urlhelper.php @@ -353,7 +353,7 @@ class UrlHelper { curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HEADER, true); - curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); + curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERAGENT, $useragent ? $useragent : Config::get_user_agent()); curl_setopt($ch, CURLOPT_ENCODING, ""); curl_setopt($ch, CURLOPT_COOKIEJAR, "/dev/null"); @@ -393,6 +393,15 @@ class UrlHelper { curl_setopt($ch, CURLOPT_USERPWD, "$login:$pass"); $ret = @curl_exec($ch); + $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); + + // CURLAUTH_BASIC didn't work, let's retry with CURLAUTH_ANY in case it's actually something + // unusual like NTLM... + if ($http_code == 403 && $login && $pass) { + curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); + + $ret = @curl_exec($ch); + } if (curl_errno($ch) === 23 || curl_errno($ch) === 61) { curl_setopt($ch, CURLOPT_ENCODING, 'none');