Special characters break HTTP basic authentication #333

Closed
tizzo opened this Issue Sep 28, 2012 · 4 comments

Projects

None yet

5 participants

@tizzo
tizzo commented Sep 28, 2012

It seems that characters that are meaningful in a URL (:#?@) if used in a password cause basic authentication to fail. I haven't had time to dig in and figure out why, for now I'm working around it by building the auth header myself and setting it in my request options, but I thought I should report it here in case others are having the same issue.

The parsing error seems to cause the basic auth handling code not to be run because the url isn't identified as having auth so the necessary auth properties never get populated. Probably a bad regex somewhere earlier on?

@tamsler
tamsler commented Dec 24, 2012

I have this issue as well. If the "user" string contains special characters such as '@', it doesn't work.

@contra
contra commented Feb 11, 2013

Also having this issue - you guys can always make your own base64 auth token by doing

headers: {
  authorization: "Basic " + toBase64(user + ":" + pass)
}
@mikeal
Member
mikeal commented Aug 27, 2014

Is this still an issue?

This is so old I'm closing, if it is actually still an issue just let me know and I'll re-open.

@mikeal mikeal closed this Aug 27, 2014
@nylen nylen self-assigned this Aug 28, 2014
@nylen
Member
nylen commented Sep 4, 2014

This appears to no longer be an issue:

var request = require('request');

require('request-debug')(request);

[
    { user : 'abc', pass : 'a:bc' },
    { user : 'abc', pass : '#abc' },
    { user : 'a@c', pass : 'abcd' }
].forEach(function(auth) {
    request('http://nylen.tv/public/test-auth.php', {
        auth : auth
    }, function(err, res, body) {
        console.log(auth, err, res && res.statusCode);
        console.log(body);
    });
});
@nylen nylen removed their assignment Sep 4, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment