Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't double-decode URL user-info; fixes #21 #22

Merged
merged 1 commit into from
Jul 1, 2016
Merged

Don't double-decode URL user-info; fixes #21 #22

merged 1 commit into from
Jul 1, 2016

Conversation

samroberton
Copy link
Contributor

The URL's user-info component was being decoded once by urly, and then
subsequently again by with-ftp. If the username or password contains
a '%' character, the second decode will fail or produce the wrong result.

The commit removes urly, since it didn't seem to be adding much, and
still the bug is not properly fixable while still using it: urly
decodes the user-info before returning it, but this leads to ambiguity
if the (decoded) username contains a ':' (unlikely, but legal).

Don't double-decode URL user-info; fixes miner#21
e0fae12 
The URL's user-info component was being decoded once by `urly`, and then
subsequently again by `with-ftp`.  If the username or password contains
a '%' character, the second decode will fail or produce the wrong result.

The commit removes `urly`, since it didn't seem to be adding much, and
still the bug is not properly fixable while still using it: `urly`
decodes the user-info before returning it, but this leads to ambiguity
if the (decoded) username contains a ':' (unlikely, but legal).
@miner miner merged commit 1a7dd22 into miner:master Jul 1, 2016
@miner miner mentioned this pull request Jul 1, 2016
Closed
@samroberton samroberton mentioned this pull request Aug 17, 2016
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@samroberton @miner