Skip to content

Basic: Fix auth when password contains colon #69

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Basic: Fix auth when password contains colon #69

wants to merge 1 commit into from

Conversation

FlorianSW
Copy link

A colon is a valid character in the password, however currently the
chars including and after the colon are stripped of the password which
leads in false-positives (user can't login even if the password is
correct). This commit fixes that.

Fixes #20

@FlorianSW
Basic: Fix auth when password contains colon
202931f 
A colon is a valid character in the password, however currently the
chars including and after the colon are stripped of the password which
leads in false-positives (user can't login even if the password is
correct). This commit fixes that.

Fixes jaredhanson#20
@rudism rudism mentioned this pull request Dec 4, 2018
Open
5 tasks
@pofider pofider mentioned this pull request Jan 29, 2020
Open
@warlin16
Copy link

Can we please merge this in? This fixes a critical issue for an application I'm working on.

@gkTim
Copy link

gkTim commented Apr 9, 2020

Please merge this PR we need this fix asap

@TheDen
Copy link

TheDen commented May 24, 2024

Any reason why this hasn't been merged? IMO it's also a sec issue since it lowers entropy of passwords. Users can base64 encode to get around this I suppose, but it's not ideal

@BradLewis
Copy link

BradLewis commented May 24, 2024
edited
Loading

I think this project might just be dead given this PR has been up for 7 years, and the original issue (#20) + PR (#21) have been up for over 10 years.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

BASIC strategy does not support passwords that contain colons

5 participants

@FlorianSW @warlin16 @gkTim @TheDen @BradLewis