mirror of
https://github.com/janeczku/calibre-web
synced 2024-11-16 14:54:55 +00:00
Fix opds login with colon in password #1952
This commit is contained in:
parent
1cb8dbe795
commit
39dda3f534
@ -75,8 +75,9 @@ def load_user_from_auth_header(header_val):
|
|||||||
basic_username = basic_password = '' # nosec
|
basic_username = basic_password = '' # nosec
|
||||||
try:
|
try:
|
||||||
header_val = base64.b64decode(header_val).decode('utf-8')
|
header_val = base64.b64decode(header_val).decode('utf-8')
|
||||||
basic_username = header_val.split(':')[0]
|
# Users with colon are invalid: rfc7617 page 4
|
||||||
basic_password = header_val.split(':')[1]
|
basic_username = header_val.split(':', 1)[0]
|
||||||
|
basic_password = header_val.split(':', 1)[1]
|
||||||
except (TypeError, UnicodeDecodeError, binascii.Error):
|
except (TypeError, UnicodeDecodeError, binascii.Error):
|
||||||
pass
|
pass
|
||||||
user = _fetch_user_by_name(basic_username)
|
user = _fetch_user_by_name(basic_username)
|
||||||
|
Loading…
Reference in New Issue
Block a user