From a094f59a282b05513d5420c679d13e18443d3078 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobi=20Sch=C3=A4fer?= <interface@p3k.org>
Date: Fri, 28 Jan 2011 23:16:44 +0100
Subject: [PATCH] Fixed bug in decodeHttpAuth() causing colons in a password
 (and everything afterwards) to be swallowed. Note: RFC 2617 explicitely
 allows colons in passwords, just not in usernames.

---
 src/helma/framework/RequestTrans.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/helma/framework/RequestTrans.java b/src/helma/framework/RequestTrans.java
index 0c368de5..d27c2e61 100644
--- a/src/helma/framework/RequestTrans.java
+++ b/src/helma/framework/RequestTrans.java
@@ -615,7 +615,12 @@ public class RequestTrans implements Serializable {
         }
 
         try {
-            httpPassword = tok.nextToken();
+            StringBuffer buf = new StringBuffer(tok.nextToken());
+            while (tok.hasMoreTokens()) {
+                buf.append(":");
+                buf.append(tok.nextToken());
+            }
+            httpPassword = buf.toString();
         } catch (NoSuchElementException e) {
             httpPassword = null;
         }