umgeher/cowboy
0
Fork 0
mirror of https://github.com/ninenines/cowboy.git synced 2025-07-15 04:30:25 +00:00
Code Issues Wiki Activity

Allow empty passwords when parsing Basic authorization header

Browse source
This commit is contained in:
Ali Sabil 2014-02-09 18:37:00 +01:00
parent 903594bb87
commit d145cbb745
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/cowboy_http.erl
View file

@ -765,8 +765,6 @@ authorization_basic_userid(<<C, Rest/binary>>, Fun, Acc) ->
authorization_basic_password(Data, Fun) -> authorization_basic_password(Data, Fun) ->
authorization_basic_password(Data, Fun, <<>>). authorization_basic_password(Data, Fun, <<>>).
authorization_basic_password(<<>>, _Fun, <<>>) ->
{error, badarg};
authorization_basic_password(<<C, _Rest/binary>>, _Fun, _Acc) authorization_basic_password(<<C, _Rest/binary>>, _Fun, _Acc)
when C < 32; C=:= 127 -> when C < 32; C=:= 127 ->
{error, badarg}; {error, badarg};
@ -1255,6 +1253,8 @@ http_authorization_test_() ->
Tests = [ Tests = [
{<<"basic">>, <<"QWxsYWRpbjpvcGVuIHNlc2FtZQ==">>, {<<"basic">>, <<"QWxsYWRpbjpvcGVuIHNlc2FtZQ==">>,
{<<"basic">>, {<<"Alladin">>, <<"open sesame">>}}}, {<<"basic">>, {<<"Alladin">>, <<"open sesame">>}}},
{<<"basic">>, <<"dXNlcm5hbWU6">>,
{<<"basic">>, {<<"username">>, <<>>}}},
{<<"basic">>, <<"dXNlcm5hbWUK">>, {<<"basic">>, <<"dXNlcm5hbWUK">>,
{error, badarg}}, {error, badarg}},
{<<"basic">>, <<"_[]@#$%^&*()-AA==">>, {<<"basic">>, <<"_[]@#$%^&*()-AA==">>,