From 7a21d6b5f5b636d5cb315238ff64c984491823d1 Mon Sep 17 00:00:00 2001
From: Ferry Boender <ferry.boender@electricmonk.nl>
Date: Wed, 4 Jan 2017 14:09:49 +0100
Subject: [PATCH] Max split once on htauth password. Prevents failure when
 password contains colon (:)

---
 src/webapp.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/webapp.py b/src/webapp.py
index ebc8a98..7892f32 100644
--- a/src/webapp.py
+++ b/src/webapp.py
@@ -195,7 +195,7 @@ class ScriptFormWebApp(RequestHandler):
             if auth_header is not None:
                 # Validate the username and password
                 auth_unpw = auth_header.split(' ', 1)[1]
-                username, password = base64.decodestring(auth_unpw).split(":")
+                username, password = base64.decodestring(auth_unpw).split(":", 1)
                 pw_hash = hashlib.sha256(password).hexdigest()
 
                 if username in form_config.users and \