Fix parsing of basic auth credentials if the password includes ':'. #331

trentm · 2011-07-27T04:35:44Z

The current basic auth middleware will incorrect parse "user:password" for if the password includes a colon.

I'd love to see a 1.6.1 with this. :) Thanks.

tj · 2011-07-27T16:12:26Z

if you dont mind adding a test or two as well that would be great!

…st case for colon in password

trentm · 2011-07-27T19:12:18Z

Test case added (and dropped the "throw" I had because it broke existing tests). Apologies for not having run the test suite before.

tj · 2011-07-29T15:56:36Z

one last thing is signing the CLA if you haven't previously http://code.google.com/legal/individual-cla-v1.0.html

then it's good to go!

trentm · 2011-08-06T02:03:50Z

Confused. Why is this a CLA for google? Does Google own the IP for Connect?

tj · 2011-08-06T02:07:04Z

woah, no, haha, my bad wrong link

trentm · 2011-08-10T07:44:35Z

Did you have a link to an appropriate CLA?

trentm · 2011-09-12T23:36:22Z

I signed the CLA a while back. Would it be possible to pull this now? :)

Thanks.

kof · 2013-03-06T12:09:59Z

seems to be a duplicate of #682 which is already merged

Fix parsing of basic auth credentials if the password includes ':'.

1879717

improve basic auth credential parsing (to handle no password). add te…

9c8a852

…st case for colon in password

tj closed this Mar 26, 2013

Provide feedback