Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Basic auth: use UTF-8 by default #69

Closed
rfc2822 opened this issue Oct 14, 2016 · 7 comments
Closed

Basic auth: use UTF-8 by default #69

rfc2822 opened this issue Oct 14, 2016 · 7 comments

Comments

@rfc2822
Copy link

rfc2822 commented Oct 14, 2016

In the past (since RFC 2617), there have been difficulties with non-US-ASCII characters in Basic auth credentials. Some clients use ISO-8859-1, some use UTF-8, and so on the server side. In reality, only US-ASCII characters are usable expect for proprietary solutions where clients and servers are tailored together.

Since RFC 7617, it's clear that UTF-8 is the future.

  • requireLogin(): Please send Basic realm="…",charset="UTF-8" (see RFC 7617) on the server side in the 401 response, so that clients know that the server expects UTF-8 credentials.
  • getCredentials(): Make sure that UTF-8 credentials are understood correctly.
evert added a commit that referenced this issue Oct 24, 2016
@evert
Sending encoding="UTF-8" on basic auth challenges.
63641e0 
Fixes #69. Thanks for the suggestion @rfc2822
@evert evert mentioned this issue Oct 24, 2016
Merged
@evert evert closed this as completed in #70 Oct 24, 2016
@rfc2822
Copy link
Author

rfc2822 commented Oct 24, 2016

Thanks :)

@mbiebl
Copy link

mbiebl commented Feb 14, 2018

Hi,
it seems this fix never made it into the stable 4.2 branch. Would it be possible to cherry-pick this commit and make a 4.2.4 release?

DeepDiver1975 pushed a commit that referenced this issue Feb 16, 2018
@evert @DeepDiver1975
Sending encoding="UTF-8" on basic auth challenges.
1b48b39 
Fixes #69. Thanks for the suggestion @rfc2822
DeepDiver1975 pushed a commit that referenced this issue Feb 16, 2018
@evert @DeepDiver1975
Sending encoding="UTF-8" on basic auth challenges.
8d7221b 
Fixes #69. Thanks for the suggestion @rfc2822
@DeepDiver1975 DeepDiver1975 mentioned this issue Feb 16, 2018
Merged
@DeepDiver1975
Copy link
Member

@mbiebl here we go - https://github.com/sabre-io/http/pull/91/files

DeepDiver1975 pushed a commit that referenced this issue Feb 16, 2018
@evert @DeepDiver1975
Sending encoding="UTF-8" on basic auth challenges.
dd378a4 
Fixes #69. Thanks for the suggestion @rfc2822
@mbiebl
Copy link

mbiebl commented Feb 23, 2018

@DeepDiver1975 nice, thanks. Do you have an ETA for the 4.2.4 release? Could we just release 4.2.4 with this one change?

@DeepDiver1975
Copy link
Member

Could we just release 4.2.4 with this one change?

why not - @staabm any objections?

@DeepDiver1975
Copy link
Member

preparing release in here #96 ...

@DeepDiver1975
Copy link
Member

@mbiebl here we go - https://github.com/sabre-io/http/releases/tag/4.2.4

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rfc2822 @DeepDiver1975 @mbiebl