problem with ":" in http passwords

David Welton davidw@REDACTED
Tue May 18 15:42:11 CEST 2010


Hi,

I was trying to do something along the lines of

http:request("http://foo:bar:bee:bop@dedasys.com"), where, in theory,
'foo' is the username, and the rest is a password, but that causes
problems - try it for yourself and see what sort of headers it
generates.

This patch seems to fix it, but I can't be 100% sure since doing make
release_tests "doesn't work" (doesn't even start running tests) here.
It should be pretty simple to ascertain, though.

 lib/inets/src/http_client/httpc_request.erl |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/inets/src/http_client/httpc_request.erl
b/lib/inets/src/http_client/httpc_request.erl
index 55e0af4..e64d87a 100644
--- a/lib/inets/src/http_client/httpc_request.erl
+++ b/lib/inets/src/http_client/httpc_request.erl
@@ -236,8 +236,8 @@ handle_user_info([], Headers) ->
     Headers;
 handle_user_info(UserInfo, Headers) ->
     case string:tokens(UserInfo, ":") of
-	[User, Passwd] ->
-	    UserPasswd = base64:encode_to_string(User ++ ":" ++ Passwd),
+	[User | Rest] ->
+	    UserPasswd = base64:encode_to_string(User ++ ":" ++
string:join(Rest, ":")),
 	    Headers#http_request_h{authorization = "Basic " ++ UserPasswd};
 	[User] ->
 	    UserPasswd = base64:encode_to_string(User ++ ":"),
-- 
1.6.3.3


Thanks,
-- 
David N. Welton

http://www.welton.it/davidw/

http://www.dedasys.com/


More information about the erlang-patches mailing list