#285 Digest authorization breaks on second = sign in request

v2.1
open
nobody
zsi (169)
5
2010-01-21
2010-01-21
No

The HTTP digest authorization throws a ValueError when the authorization request sent by the server contains a name="value" pair, in which the value itself contains an = sign.

Fixing is simple. In ZSI/digest_auth.py, change line 93 from:

k,v = http_header[m.start():m.end()].split('=')

to:

k,v = http_header[m.start():m.end()].split('=',1)

This limits the splitting to only the first = sign, leaving the value part of the string untouched.

Discussion


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks