From 61b0fce82888b75436d05ddfa0c045b2b9d3fc80 Mon Sep 17 00:00:00 2001
From: Michael Klett
Date: Wed, 23 Sep 2009 10:46:17 -0400
Subject: [PATCH] Base64 encoding of HTTP basic auth credentials should omit newlines (do not enforce a 76 character line limit) According to RFC 2617 (http://www.ietf.org/rfc/rfc2617.txt), the 76 character line limit normally enforced by Base64 encoding should not apply to the encoding of HTTP basic authentication credentials.
---
 lib/webrat/core/session.rb | 2 +-
 spec/public/basic_auth_spec.rb | 15 +++++++++++++--
 2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/lib/webrat/core/session.rb b/lib/webrat/core/session.rb
index ee180d7..619f3c6 100644
--- a/lib/webrat/core/session.rb
+++ b/lib/webrat/core/session.rb
@@ -105,7 +105,7 @@ For example:
 end
 def basic_auth(user, pass)
- encoded_login = ["#{user}:#{pass}"].pack("m*")
+ encoded_login = ["#{user}:#{pass}"].pack("m*").gsub(/\n/, '')
 header('HTTP_AUTHORIZATION', "Basic #{encoded_login}")
 end
diff --git a/spec/public/basic_auth_spec.rb b/spec/public/basic_auth_spec.rb
index 1d6b590..655f417 100644
--- a/spec/public/basic_auth_spec.rb
+++ b/spec/public/basic_auth_spec.rb
@@ -6,7 +6,7 @@ describe "Basic Auth HTTP headers" do
 end
 it "should be present in visit" do
- webrat_session.should_receive(:get).with("/", {}, {'HTTP_AUTHORIZATION' => "Basic dXNlcjpzZWNyZXQ=\n"})
+ webrat_session.should_receive(:get).with("/", {}, {'HTTP_AUTHORIZATION' => "Basic dXNlcjpzZWNyZXQ="})
 visit("/")
 end
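Review bot: In `basic_auth` (lib/webrat/core/session.rb) the credentials are still encoded with line wrapping by `pack("m*")` and the line feeds are stripped afterwards with `gsub(/\n/, '')`; on Ruby 1.9 and later `["#{user}:#{pass}"].pack("m0")` produces unwrapped output directly, and `.delete("\n")` is the simpler strip if older interpreters must stay supported. The line also deserves a comment, for example `# RFC 2617 credentials are unwrapped base64; a line feed here would end up inside the Authorization header value`. Nothing in the method rejects a `user` containing `:`, which RFC 2617 excludes from the user-id and which a server would normally split at the first colon, so a guard such as `raise ArgumentError, "user must not contain ':'" if user.to_s.include?(":")` is worth considering.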
@@ -18,7 +18,18 @@ describe "Basic Auth HTTP headers" do
 HTML
- webrat_session.should_receive(:post).with("/form1", {}, {'HTTP_AUTHORIZATION' => "Basic dXNlcjpzZWNyZXQ=\n"})
+ webrat_session.should_receive(:post).with("/form1", {}, {'HTTP_AUTHORIZATION' => "Basic dXNlcjpzZWNyZXQ="})
 click_button
 end
+
+ context "with long username and password combination" do
+ before do
+ basic_auth('user', 'secret1234567890123456789012345678901234567890123456789012345678901234567890')
+ end
+
+ it "should be present, without new lines, in visit" do
+ webrat_session.should_receive(:get).with("/", {}, {'HTTP_AUTHORIZATION' => "Basic dXNlcjpzZWNyZXQxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkw"})
+ visit("/")
+ end
+ end
 end
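Review bot: The long password literal in the nested `before` carries no explanation of why its length matters; a comment such as `# long enough that wrapped base64 would contain an interior line feed, not only the trailing one` would record the intent. The case is exercised only through `visit`, so the form-submission path keeps just the short-credential expectation from the lines above. The enclosing `describe` block begins outside the hunk, including the outer `before` that presumably sets the short credentials.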