Ruby on Rails | Screencasts | Download | Documentation | Weblog | Community | Source

Ticket #11169 (closed defect: fixed)

Opened 8 months ago

Last modified 8 months ago

[PATCH] [TINY] ActiveResource url credentials should be decoded

Reported by: ernesto.jimenez Assigned to: core
Priority: normal Milestone: 2.x
Component: ActiveResource Version: edge
Severity: normal Keywords:
Cc:

Description

RFC1738: Uniform Resource Locators (URL) says: 

   The user name (and password), if present, are followed by a
   commercial at-sign "@". Within the user and password field, any ":",
   "@", or "/" must be encoded.

URI library is for dealing with URIs, so, when you parse an url-encode username or password. you get it url-encoded. e.g; 

> URI.parse('http://email%40server.com@localhost').user
=> "email%40server.com"

However, RFC2617: HTTP Authentication: Basic and Digest Access Authentication says: 

   To receive authorization, the client sends the userid and password,
   separated by a single colon (":") character, within a base64 [7]
   encoded string in the credentials.

This means that we have to decode user and password from the uri when building the Authorization header.

Attachments

active_resource_decodes_credentials_from_site.diff (2.9 kB) - added by ernesto.jimenez on 02/19/08 22:19:26.
Tiny fix and tests

Change History

02/19/08 22:19:26 changed by ernesto.jimenez

  • attachment active_resource_decodes_credentials_from_site.diff added.

Tiny fix and tests

02/19/08 23:06:13 changed by bitsweat

  • status changed from new to closed.
  • resolution set to fixed.

(In [8900]) URI.decode site username/password. Closes #11169 [Ernesto Jimenez]