* src/web/ejabberd_http.erl (parse_auth): Allow password that

include colon character (EJAB-522) SVN Revision: 1322
2024-11-24 16:23:40 +01:00 · 2008-05-12 17:56:27 +00:00 · 2008-05-12 17:56:27 +00:00 · 98e47e8c73
commit 98e47e8c73
parent 977a20700a
2 changed files with 13 additions and 5 deletions
--- a/5
+++ b/5
@ -1,3 +1,8 @@
+2008-05-12  Badlop  <badlop@process-one.net>
+
+	* src/web/ejabberd_http.erl (parse_auth): Allow password that
+	include colon character (EJAB-522)
+
 2008-05-09  Mickael Remond <mremond@process-one.net>

 	* src/mod_ip_blacklist.erl: Better error handling (EJAB-625).
--- a/src/web/ejabberd_http.erl
+++ b/src/web/ejabberd_http.erl
@ -635,11 +635,14 @@ parse_auth(_Orig = "Basic " ++ Auth64) ->
 	{error, _Err} ->
 	    undefined;
 	Auth ->
-	    case string:tokens(Auth, ":") of
-		[User, Pass] ->
-		    {User, Pass};
-		_ ->
-		    undefined
+	    %% Auth should be a string with the format: user@server:password
+	    %% Note that password can contain additional characters '@' and ':'
+	    case string:chr(Auth, $:) of
+		0 ->
+		    undefined;
+		SplitIndex ->
+		    {User, [$: | Pass]} = lists:split(SplitIndex-1, Auth),
+		    {User, Pass}
 	    end
    end;
 parse_auth(_) ->