fix #1861: Handle colons in passwords

3 years ago · a0dcd46483
parent 66ea28b50a
commit a0dcd46483
2 changed files with 2 additions and 1 deletions
--- a/core/admin/mailu/internal/views/auth.py
+++ b/core/admin/mailu/internal/views/auth.py
@ -63,7 +63,7 @@ def basic_authentication():
    authorization = flask.request.headers.get("Authorization")
    if authorization and authorization.startswith("Basic "):
        encoded = authorization.replace("Basic ", "")
-        user_email, password = base64.b64decode(encoded).split(b":")
+        user_email, password = base64.b64decode(encoded).split(b":", 1)
        user = models.User.query.get(user_email.decode("utf8"))
        if nginx.check_credentials(user, password.decode('utf-8'), flask.request.remote_addr, "web"):
            response = flask.Response()
--- a/towncrier/newsfragments/1861.bugfix
+++ b/towncrier/newsfragments/1861.bugfix
@ -0,0 +1 @@
+Fix a bug preventing colons from being used in passwords when using radicale/webdav.
				`@ -0,0 +1 @@`
				`Fix a bug preventing colons from being used in passwords when using radicale/webdav.`