[Zope3-checkins] SVN: Zope3/branches/3.3/src/zope/publisher/ Now colon inside the password shouldn't shock the parser

Dmitry Vasiliev dima at hlabs.spb.ru
Mon Jul 31 07:50:11 EDT 2006


Log message for revision 69306:
  Now colon inside the password shouldn't shock the parser
  

Changed:
  U   Zope3/branches/3.3/src/zope/publisher/http.py
  U   Zope3/branches/3.3/src/zope/publisher/tests/test_http.py

-=-
Modified: Zope3/branches/3.3/src/zope/publisher/http.py
===================================================================
--- Zope3/branches/3.3/src/zope/publisher/http.py	2006-07-31 08:57:41 UTC (rev 69305)
+++ Zope3/branches/3.3/src/zope/publisher/http.py	2006-07-31 11:50:10 UTC (rev 69306)
@@ -57,8 +57,6 @@
 class HeaderGetter(RequestDataGetter):
     _gettrname = 'getHeader'
 
-base64 = None
-
 def sane_environment(env):
     # return an environment mapping which has been cleaned of
     # funny business such as REDIRECT_ prefixes added by Apache
@@ -482,14 +480,10 @@
 
     def _authUserPW(self):
         'See IHTTPCredentials'
-        global base64
-        if self._auth:
-            if self._auth.lower().startswith('basic '):
-                if base64 is None:
-                    import base64
-                name, password = base64.decodestring(
-                    self._auth.split()[-1]).split(':')
-                return name, password
+        if self._auth and self._auth.lower().startswith('basic '):
+            encoded = self._auth.split(None, 1)[-1]
+            name, password = encoded.decode("base64").split(':', 1)
+            return name, password
 
     def unauthorized(self, challenge):
         'See IHTTPCredentials'

Modified: Zope3/branches/3.3/src/zope/publisher/tests/test_http.py
===================================================================
--- Zope3/branches/3.3/src/zope/publisher/tests/test_http.py	2006-07-31 08:57:41 UTC (rev 69305)
+++ Zope3/branches/3.3/src/zope/publisher/tests/test_http.py	2006-07-31 11:50:10 UTC (rev 69306)
@@ -343,14 +343,13 @@
 
     def testBasicAuth(self):
         from zope.publisher.interfaces.http import IHTTPCredentials
-        import base64
         req = self._createRequest()
         verifyObject(IHTTPCredentials, req)
         lpq = req._authUserPW()
         self.assertEquals(lpq, None)
         env = {}
-        login, password = ("tim", "123")
-        s = base64.encodestring("%s:%s" % (login, password)).rstrip()
+        login, password = ("tim", "123:456")
+        s = ("%s:%s" % (login, password)).encode("base64").rstrip()
         env['HTTP_AUTHORIZATION'] = "Basic %s" % s
         req = self._createRequest(env)
         lpw = req._authUserPW()



More information about the Zope3-Checkins mailing list