This project is archived and is in readonly mode.

#2572 ✓resolved
Jan

[Patch] Fixed basic auth with long credentials

Reported by Jan | April 27th, 2009 @ 07:33 PM | in 2.x

This patch fixes the http_basic_auth with long credentials.

A long username/password results in a (base64 encoded) request header string that contains newlines (\n). When decoding, Rails splitted the header with "split()" and used only the last part of the result. With the patch it splits it in max. two parts "split(' ', 2)".

Comments and changes to this ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>

People watching this ticket

Attachments

Referenced by

Pages