diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | src/web/ejabberd_http.erl | 13 |
2 files changed, 13 insertions, 5 deletions
@@ -1,3 +1,8 @@ +2008-05-12 Badlop <badlop@process-one.net> + + * src/web/ejabberd_http.erl (parse_auth): Allow password that + include colon character (EJAB-522) + 2008-05-09 Mickael Remond <mremond@process-one.net> * src/mod_ip_blacklist.erl: Better error handling (EJAB-625). diff --git a/src/web/ejabberd_http.erl b/src/web/ejabberd_http.erl index 5c14a287b..a53910803 100644 --- a/src/web/ejabberd_http.erl +++ b/src/web/ejabberd_http.erl @@ -635,11 +635,14 @@ parse_auth(_Orig = "Basic " ++ Auth64) -> {error, _Err} -> undefined; Auth -> - case string:tokens(Auth, ":") of - [User, Pass] -> - {User, Pass}; - _ -> - undefined + %% Auth should be a string with the format: user@server:password + %% Note that password can contain additional characters '@' and ':' + case string:chr(Auth, $:) of + 0 -> + undefined; + SplitIndex -> + {User, [$: | Pass]} = lists:split(SplitIndex-1, Auth), + {User, Pass} end end; parse_auth(_) -> |