)]}'
{
  "commit": "63e7cf5f24045ede2ee9e5a220e594716b2b6ce4",
  "tree": "d3e09606946cfdcd28e7954ffeb3eaa7cb049f96",
  "parents": [
    "baa09c2e265a2b264a5fb4571e7eefda04def0c4"
  ],
  "author": {
    "name": "Edwin Kempin",
    "email": "edwin.kempin@sap.com",
    "time": "Tue Jun 30 13:58:41 2015 +0200"
  },
  "committer": {
    "name": "Edwin Kempin",
    "email": "edwin.kempin@sap.com",
    "time": "Tue Jun 30 14:11:02 2015 +0200"
  },
  "message": "Include \u0027/a\u0027 into HttpScheme URLs to trigger authentication\n\nThere are 2 HTTP download schemes, AnonymousHttpScheme and HttpScheme.\nSince HttpScheme is not anonymous its URLs should include the \u0027/a\u0027\nprefix to trigger user authentication.\n\nNot having the \u0027/a\u0027 prefix may lead to problems when a part of the\nproject is visible to Anonymous Users. In this case authentication is\nnever triggered. This is because for HTTP the first request is always\nanonymous and then the server must say that authentication is\nrequired. Only then the client can send user credrentials. If a\nproject is (partly) visible to Anonymous Users then the first\nanonymous request is always successful and authentication never\nhappens. If the user is not authenticated refs which are not visible\nto Anonymous Users, but for which the user has read access, are not\nvisible.\n\nChange-Id: Ib16b8184f590a9d9896dbf56bd9e3bbf25d57c76\nSigned-off-by: Edwin Kempin \u003cedwin.kempin@sap.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "af750464c5a70013bf674569f2f8f531fb5317a6",
      "old_mode": 33188,
      "old_path": "src/main/java/com/googlesource/gerrit/plugins/download/scheme/HttpScheme.java",
      "new_id": "01b0293e812b5a11dc6ef866ac89be1550af67f8",
      "new_mode": 33188,
      "new_path": "src/main/java/com/googlesource/gerrit/plugins/download/scheme/HttpScheme.java"
    }
  ]
}