diff options
author | Ali Sabil <[email protected]> | 2014-02-09 18:37:00 +0100 |
---|---|---|
committer | Ali Sabil <[email protected]> | 2014-02-09 18:37:00 +0100 |
commit | d145cbb7457889eaf67943ef634b8784745c8b06 (patch) | |
tree | c60f6ff76b10d65e6eda230d02b4e162b80866e9 | |
parent | 903594bb8709db4fa98697ecf8adbdccabf64a83 (diff) | |
download | cowboy-d145cbb7457889eaf67943ef634b8784745c8b06.tar.gz cowboy-d145cbb7457889eaf67943ef634b8784745c8b06.tar.bz2 cowboy-d145cbb7457889eaf67943ef634b8784745c8b06.zip |
Allow empty passwords when parsing Basic authorization header
-rw-r--r-- | src/cowboy_http.erl | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/cowboy_http.erl b/src/cowboy_http.erl index f3a198d..30866de 100644 --- a/src/cowboy_http.erl +++ b/src/cowboy_http.erl @@ -765,8 +765,6 @@ authorization_basic_userid(<<C, Rest/binary>>, Fun, Acc) -> authorization_basic_password(Data, Fun) -> authorization_basic_password(Data, Fun, <<>>). -authorization_basic_password(<<>>, _Fun, <<>>) -> - {error, badarg}; authorization_basic_password(<<C, _Rest/binary>>, _Fun, _Acc) when C < 32; C=:= 127 -> {error, badarg}; @@ -1255,6 +1253,8 @@ http_authorization_test_() -> Tests = [ {<<"basic">>, <<"QWxsYWRpbjpvcGVuIHNlc2FtZQ==">>, {<<"basic">>, {<<"Alladin">>, <<"open sesame">>}}}, + {<<"basic">>, <<"dXNlcm5hbWU6">>, + {<<"basic">>, {<<"username">>, <<>>}}}, {<<"basic">>, <<"dXNlcm5hbWUK">>, {error, badarg}}, {<<"basic">>, <<"_[]@#$%^&*()-AA==">>, |