1
0
mirror of https://github.com/janeczku/calibre-web synced 2024-11-16 14:54:55 +00:00

Fix opds login with colon in password #1952

This commit is contained in:
Ozzie Isaacs 2021-04-15 18:02:52 +02:00
parent 1cb8dbe795
commit 39dda3f534

View File

@ -75,8 +75,9 @@ def load_user_from_auth_header(header_val):
basic_username = basic_password = '' # nosec basic_username = basic_password = '' # nosec
try: try:
header_val = base64.b64decode(header_val).decode('utf-8') header_val = base64.b64decode(header_val).decode('utf-8')
basic_username = header_val.split(':')[0] # Users with colon are invalid: rfc7617 page 4
basic_password = header_val.split(':')[1] basic_username = header_val.split(':', 1)[0]
basic_password = header_val.split(':', 1)[1]
except (TypeError, UnicodeDecodeError, binascii.Error): except (TypeError, UnicodeDecodeError, binascii.Error):
pass pass
user = _fetch_user_by_name(basic_username) user = _fetch_user_by_name(basic_username)