From a0c83d858cbd7260e0a8ed287b4a71d0da1dd98f Mon Sep 17 00:00:00 2001
From: Alex Anderson <191496+alxndrsn@users.noreply.github.com>
Date: Wed, 13 Sep 2023 19:31:35 +0300
Subject: [PATCH] http/preprocessors: update outdated Basic Auth comment (#982)

---
 lib/http/preprocessors.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/http/preprocessors.js b/lib/http/preprocessors.js
index 0218657e1..0c00bbac2 100644
--- a/lib/http/preprocessors.js
+++ b/lib/http/preprocessors.js
@@ -67,7 +67,7 @@ const authHandler = ({ Sessions, Users, Auth, bcrypt }, context) => {
     // auth by the bearer token we found:
     return authBySessionToken(authHeader.substring(7), () => reject(Problem.user.authenticationFailed()));
 
-  // Basic Auth, which is allowed over HTTPS only:
+  // Basic Auth, which is allowed under certain circumstances:
   } else if (isPresent(authHeader) && authHeader.startsWith('Basic ')) {
     if (oidc.isEnabled()) return reject(Problem.user.basicAuthNotSupportedWhenOidcEnabled());