antville/helma
antville/helma
1
1
Fork 0
Code Issues 5 Pull requests 5 Projects Releases 5 Activity Actions

Fixed bug in decodeHttpAuth() causing colons in a password (and everything afterwards) to be swallowed. Note: RFC 2617 explicitely allows colons in passwords, just not in usernames.

Browse source
This commit is contained in:
Tobi Schäfer 2011-01-28 23:16:44 +01:00
parent 5774b583eb
commit a094f59a28
1 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/helma/framework/RequestTrans.java
View file

@ -615,7 +615,12 @@ public class RequestTrans implements Serializable {
}
try {
httpPassword = tok.nextToken();
StringBuffer buf = new StringBuffer(tok.nextToken());
while (tok.hasMoreTokens()) {
buf.append(":");
buf.append(tok.nextToken());
}
httpPassword = buf.toString();
} catch (NoSuchElementException e) {
httpPassword = null;
}