use CURLAUTH_BASIC by default for password-protected feeds, keeping

CURLAUTH_ANY as a fallback in case we got a 403.
author: Andrew Dolgov <[email protected]> 2022-05-23 08:42:16 +0300
committer: Andrew Dolgov <[email protected]> 2022-05-23 08:43:04 +0300
commit: 1b3e655f89e233c27d36c8618ef37dd820c580f6 (patch)
tree: 9944fa520b320f29104cfcb2925bab3d7c675c0c /classes/urlhelper.php
parent: 1152b2454ea47acc328691c7fc8aaa2f74760ccc (diff)
1 files changed, 10 insertions, 1 deletions
diff --git a/classes/urlhelper.php b/classes/urlhelper.php
index 92e7f90df..bb51f5d06 100644
--- a/classes/urlhelper.php
+++ b/classes/urlhelper.php
@@ -353,7 +353,7 @@ class UrlHelper {
 			curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
 			curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
 			curl_setopt($ch, CURLOPT_HEADER, true);
-			curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
+			curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
 			curl_setopt($ch, CURLOPT_USERAGENT, $useragent ? $useragent : Config::get_user_agent());
 			curl_setopt($ch, CURLOPT_ENCODING, "");
 			curl_setopt($ch, CURLOPT_COOKIEJAR, "/dev/null");
@@ -393,6 +393,15 @@ class UrlHelper {
 				curl_setopt($ch, CURLOPT_USERPWD, "$login:$pass");
 
 			$ret = @curl_exec($ch);
+			$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+
+			// CURLAUTH_BASIC didn't work, let's retry with CURLAUTH_ANY in case it's actually something
+			// unusual like NTLM...
+			if ($http_code == 403 && $login && $pass) {
+				curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
+
+				$ret = @curl_exec($ch);
+			}
 
 			if (curl_errno($ch) === 23 || curl_errno($ch) === 61) {
 				curl_setopt($ch, CURLOPT_ENCODING, 'none');
author	Andrew Dolgov <[email protected]>	2022-05-23 08:42:16 +0300
committer	Andrew Dolgov <[email protected]>	2022-05-23 08:43:04 +0300
commit	1b3e655f89e233c27d36c8618ef37dd820c580f6 (patch)
tree	9944fa520b320f29104cfcb2925bab3d7c675c0c /classes/urlhelper.php
parent	1152b2454ea47acc328691c7fc8aaa2f74760ccc (diff)