From 9984741d94772be1484033d711c1a674da38217a Mon Sep 17 00:00:00 2001
From: Okash Khawaja <okash.khawaja@gmail.com>
Date: Tue, 12 Apr 2016 00:01:51 +0100
Subject: [PATCH 1/2] Update comments for url.unescape() function.

---
 src/url.lua | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/url.lua b/src/url.lua
index fbd93d1..b59960a 100644
--- a/src/url.lua
+++ b/src/url.lua
@@ -64,11 +64,11 @@ local function protect_segment(s)
 end
 
 -----------------------------------------------------------------------------
--- Encodes a string into its escaped hexadecimal representation
+-- Unencodes a escaped hexadecimal string into its binary representation
 -- Input
---   s: binary string to be encoded
+--   s: escaped hexadecimal string to be unencoded
 -- Returns
---   escaped representation of string binary
+--   unescaped binary representation of escaped hexadecimal  binary
 -----------------------------------------------------------------------------
 function _M.unescape(s)
     return (string.gsub(s, "%%(%x%x)", function(hex)

From b9f6fd215a8f522733caedcb4d6d6b0c6e55103e Mon Sep 17 00:00:00 2001
From: Okash Khawaja <okash.khawaja@gmail.com>
Date: Tue, 12 Apr 2016 00:04:21 +0100
Subject: [PATCH 2/2] URL-decode user password before adding to authorization
 header.

---
 src/http.lua | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/http.lua b/src/http.lua
index f2fff01..a386165 100644
--- a/src/http.lua
+++ b/src/http.lua
@@ -222,7 +222,8 @@ local function adjustheaders(reqt)
     -- if we have authentication information, pass it along
     if reqt.user and reqt.password then
         lower["authorization"] =
-            "Basic " ..  (mime.b64(reqt.user .. ":" .. reqt.password))
+            "Basic " ..  (mime.b64(reqt.user .. ":" ..
+		url.unescape(reqt.password)))
     end
     -- if we have proxy authentication information, pass it along
     local proxy = reqt.proxy or _M.PROXY