From 5effc0827e2134744d27529cb36970994768263b Mon Sep 17 00:00:00 2001 From: Petr Mares Date: Wed, 27 May 2020 00:32:03 +0800 Subject: [PATCH] Fixing password encoding with special characters in basic authentication (#1492) * Fixing password encoding with special characters in basic authentication * Adding test to check if password with non-Latin1 characters pass Co-authored-by: petr.mares Co-authored-by: Jay --- lib/adapters/xhr.js | 2 +- test/specs/__helpers.js | 19 ++++++++++++++++++- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/lib/adapters/xhr.js b/lib/adapters/xhr.js index bf90efd..5db1d1e 100644 --- a/lib/adapters/xhr.js +++ b/lib/adapters/xhr.js @@ -23,7 +23,7 @@ module.exports = function xhrAdapter(config) { // HTTP basic authentication if (config.auth) { var username = config.auth.username || ''; - var password = config.auth.password || ''; + var password = unescape(encodeURIComponent(config.auth.password)) || ''; requestHeaders.Authorization = 'Basic ' + btoa(username + ':' + password); } diff --git a/test/specs/__helpers.js b/test/specs/__helpers.js index efb4fc6..660ae09 100644 --- a/test/specs/__helpers.js +++ b/test/specs/__helpers.js @@ -76,7 +76,24 @@ setupBasicAuthTest = function setupBasicAuthTest() { }, 100); }); - it('should fail to encode HTTP Basic auth credentials with non-Latin1 characters', function (done) { + it('should accept HTTP Basic auth credentials with non-Latin1 characters in password', function (done) { + axios('/foo', { + auth: { + username: 'Aladdin', + password: 'open ßç£☃sesame' + } + }); + + setTimeout(function () { + var request = jasmine.Ajax.requests.mostRecent(); + console.log(request.requestHeaders['Authorization'], '\n\n\n'); + + expect(request.requestHeaders['Authorization']).toEqual('Basic QWxhZGRpbjpvcGVuIMOfw6fCo+KYg3Nlc2FtZQ=='); + done(); + }, 100); + }); + + it('should fail to encode HTTP Basic auth credentials with non-Latin1 characters in username', function (done) { axios('/foo', { auth: { username: 'Aladßç£☃din',