[Zope3-checkins] SVN: Zope3/branches/3.3/src/zope/publisher/ Now
colon inside the password shouldn't shock the parser
Dmitry Vasiliev
dima at hlabs.spb.ru
Mon Jul 31 07:50:11 EDT 2006
Log message for revision 69306:
Now colon inside the password shouldn't shock the parser
Changed:
U Zope3/branches/3.3/src/zope/publisher/http.py
U Zope3/branches/3.3/src/zope/publisher/tests/test_http.py
-=-
Modified: Zope3/branches/3.3/src/zope/publisher/http.py
===================================================================
--- Zope3/branches/3.3/src/zope/publisher/http.py 2006-07-31 08:57:41 UTC (rev 69305)
+++ Zope3/branches/3.3/src/zope/publisher/http.py 2006-07-31 11:50:10 UTC (rev 69306)
@@ -57,8 +57,6 @@
class HeaderGetter(RequestDataGetter):
_gettrname = 'getHeader'
-base64 = None
-
def sane_environment(env):
# return an environment mapping which has been cleaned of
# funny business such as REDIRECT_ prefixes added by Apache
@@ -482,14 +480,10 @@
def _authUserPW(self):
'See IHTTPCredentials'
- global base64
- if self._auth:
- if self._auth.lower().startswith('basic '):
- if base64 is None:
- import base64
- name, password = base64.decodestring(
- self._auth.split()[-1]).split(':')
- return name, password
+ if self._auth and self._auth.lower().startswith('basic '):
+ encoded = self._auth.split(None, 1)[-1]
+ name, password = encoded.decode("base64").split(':', 1)
+ return name, password
def unauthorized(self, challenge):
'See IHTTPCredentials'
Modified: Zope3/branches/3.3/src/zope/publisher/tests/test_http.py
===================================================================
--- Zope3/branches/3.3/src/zope/publisher/tests/test_http.py 2006-07-31 08:57:41 UTC (rev 69305)
+++ Zope3/branches/3.3/src/zope/publisher/tests/test_http.py 2006-07-31 11:50:10 UTC (rev 69306)
@@ -343,14 +343,13 @@
def testBasicAuth(self):
from zope.publisher.interfaces.http import IHTTPCredentials
- import base64
req = self._createRequest()
verifyObject(IHTTPCredentials, req)
lpq = req._authUserPW()
self.assertEquals(lpq, None)
env = {}
- login, password = ("tim", "123")
- s = base64.encodestring("%s:%s" % (login, password)).rstrip()
+ login, password = ("tim", "123:456")
+ s = ("%s:%s" % (login, password)).encode("base64").rstrip()
env['HTTP_AUTHORIZATION'] = "Basic %s" % s
req = self._createRequest(env)
lpw = req._authUserPW()
More information about the Zope3-Checkins
mailing list