Max split once on htauth password. Prevents failure when password contains colon (:)

pull/7/head
Ferry Boender 8 years ago
parent 5183c6386a
commit 7a21d6b5f5
  1. 2
      src/webapp.py

@ -195,7 +195,7 @@ class ScriptFormWebApp(RequestHandler):
if auth_header is not None: if auth_header is not None:
# Validate the username and password # Validate the username and password
auth_unpw = auth_header.split(' ', 1)[1] auth_unpw = auth_header.split(' ', 1)[1]
username, password = base64.decodestring(auth_unpw).split(":") username, password = base64.decodestring(auth_unpw).split(":", 1)
pw_hash = hashlib.sha256(password).hexdigest() pw_hash = hashlib.sha256(password).hexdigest()
if username in form_config.users and \ if username in form_config.users and \

Loading…
Cancel
Save