Base64 encoding of HTTP basic auth credentials should omit newlines (do not enforce a 76 character line limit)
According to RFC 2617 (http://www.ietf.org/rfc/rfc2617.txt), the 76 character line limit normally enforced by Base64 encoding should not apply to the encoding of HTTP basic authentication credentials.
This commit is contained in:
parent
f9f2a98189
commit
61b0fce828
@ -105,7 +105,7 @@ For example:
|
||||
end
|
||||
|
||||
def basic_auth(user, pass)
|
||||
encoded_login = ["#{user}:#{pass}"].pack("m*")
|
||||
encoded_login = ["#{user}:#{pass}"].pack("m*").gsub(/\n/, '')
|
||||
header('HTTP_AUTHORIZATION', "Basic #{encoded_login}")
|
||||
end
|
||||
|
||||
|
@ -6,7 +6,7 @@ describe "Basic Auth HTTP headers" do
|
||||
end
|
||||
|
||||
it "should be present in visit" do
|
||||
webrat_session.should_receive(:get).with("/", {}, {'HTTP_AUTHORIZATION' => "Basic dXNlcjpzZWNyZXQ=\n"})
|
||||
webrat_session.should_receive(:get).with("/", {}, {'HTTP_AUTHORIZATION' => "Basic dXNlcjpzZWNyZXQ="})
|
||||
visit("/")
|
||||
end
|
||||
|
||||
@ -18,7 +18,18 @@ describe "Basic Auth HTTP headers" do
|
||||
</form>
|
||||
</html>
|
||||
HTML
|
||||
webrat_session.should_receive(:post).with("/form1", {}, {'HTTP_AUTHORIZATION' => "Basic dXNlcjpzZWNyZXQ=\n"})
|
||||
webrat_session.should_receive(:post).with("/form1", {}, {'HTTP_AUTHORIZATION' => "Basic dXNlcjpzZWNyZXQ="})
|
||||
click_button
|
||||
end
|
||||
|
||||
context "with long username and password combination" do
|
||||
before do
|
||||
basic_auth('user', 'secret1234567890123456789012345678901234567890123456789012345678901234567890')
|
||||
end
|
||||
|
||||
it "should be present, without new lines, in visit" do
|
||||
webrat_session.should_receive(:get).with("/", {}, {'HTTP_AUTHORIZATION' => "Basic dXNlcjpzZWNyZXQxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkw"})
|
||||
visit("/")
|
||||
end
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user