Merge pull request #170 from bytefire/master

URL-decode user password before adding to authorization header.
This commit is contained in:
Diego Nehab 2016-04-12 09:28:27 -03:00
commit 6a0506ca44
2 changed files with 5 additions and 4 deletions

View File

@ -222,7 +222,8 @@ local function adjustheaders(reqt)
-- if we have authentication information, pass it along -- if we have authentication information, pass it along
if reqt.user and reqt.password then if reqt.user and reqt.password then
lower["authorization"] = lower["authorization"] =
"Basic " .. (mime.b64(reqt.user .. ":" .. reqt.password)) "Basic " .. (mime.b64(reqt.user .. ":" ..
url.unescape(reqt.password)))
end end
-- if we have proxy authentication information, pass it along -- if we have proxy authentication information, pass it along
local proxy = reqt.proxy or _M.PROXY local proxy = reqt.proxy or _M.PROXY

View File

@ -64,11 +64,11 @@ local function protect_segment(s)
end end
----------------------------------------------------------------------------- -----------------------------------------------------------------------------
-- Encodes a string into its escaped hexadecimal representation -- Unencodes a escaped hexadecimal string into its binary representation
-- Input -- Input
-- s: binary string to be encoded -- s: escaped hexadecimal string to be unencoded
-- Returns -- Returns
-- escaped representation of string binary -- unescaped binary representation of escaped hexadecimal binary
----------------------------------------------------------------------------- -----------------------------------------------------------------------------
function _M.unescape(s) function _M.unescape(s)
return (string.gsub(s, "%%(%x%x)", function(hex) return (string.gsub(s, "%%(%x%x)", function(hex)