Bugzilla
Quick Search
Browse
Advanced Search
Reports
Quick Search Help
Documentation
New Account
Log In
Login with GitHub
Remember
Forgot Password
Mozilla Home
Privacy
Cookies
Legal
Attachment 740318 Details for
Bug 41489
[patch]
Allow utf-8 encoded username in digest authentication response header.
Allow utf-8 encoded username in digest authentication response header.txt (text/plain), 4.17 KB, created by
ggo
(
hide
)
Description:
Allow utf-8 encoded username in digest authentication response header.
Filename:
MIME Type:
Creator:
ggo
Size:
4.17 KB
patch
obsolete
>diff -r fd264d551130 modules/libpref/src/init/all.js >--- a/modules/libpref/src/init/all.js Fri Apr 19 07:45:15 2013 -0400 >+++ b/modules/libpref/src/init/all.js Mon Apr 22 18:13:28 2013 +0200 >@@ -1280,6 +1280,14 @@ > // Specify if the gss lib comes standard with the OS > pref("network.negotiate-auth.using-native-gsslib", true); > >+// Controls whether to allow sending back UTF8 username >+// or ASCII only characters in the digest authentication response header >+// False: non-ascii usernames will cause the authentication to fail, >+// (which is the default behavior up to now). >+// True: non-ascii usernames will be sent back UTF-8 encoded in the >+// in the digest authentication response header . >+pref("network.auth.digest-response-header-username-utf8", false); >+ > #ifdef XP_WIN > > // Default to using the SSPI intead of GSSAPI on windows >diff -r fd264d551130 netwerk/protocol/http/nsHttpDigestAuth.cpp >--- a/netwerk/protocol/http/nsHttpDigestAuth.cpp Fri Apr 19 07:45:15 2013 -0400 >+++ b/netwerk/protocol/http/nsHttpDigestAuth.cpp Mon Apr 22 18:13:28 2013 +0200 >@@ -156,6 +156,8 @@ > return NS_OK; > } > >+static const char kAllowUTF8UserNameInResponseHeader[] = "network.auth.digest-response-header-username-utf8"; >+ > NS_IMETHODIMP > nsHttpDigestAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChannel, > const char *challenge, >@@ -178,6 +180,13 @@ > bool isDigestAuth = !PL_strncasecmp(challenge, "digest ", 7); > NS_ENSURE_TRUE(isDigestAuth, NS_ERROR_UNEXPECTED); > >+ // we work with ASCII around here >+ nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); >+ bool allowUTF8UserNameInResponseHeader = false; // Default to the old behavior >+ if (prefs) >+ if (NS_FAILED(prefs->GetBoolPref(kAllowUTF8UserNameInResponseHeader, &allowUTF8UserNameInResponseHeader))) >+ allowUTF8UserNameInResponseHeader = false; >+ > // IIS implementation requires extra quotes > bool requireExtraQuotes = false; > { >@@ -314,7 +323,10 @@ > nsAutoCString authString; > > authString.AssignLiteral("Digest username="); >- rv = AppendQuotedString(cUser, authString); >+ if (allowUTF8UserNameInResponseHeader) >+ rv = AppendUTF8QuotedString(cUser, authString); >+ else >+ rv = AppendQuotedString(cUser, authString); > NS_ENSURE_SUCCESS(rv, rv); > > authString.AppendLiteral(", realm="); >@@ -688,4 +700,40 @@ > return NS_OK; > } > >+nsresult >+nsHttpDigestAuth::AppendUTF8QuotedString(const nsACString & value, >+ nsACString & aHeaderLine) >+{ >+ nsAutoCString quoted; >+ nsACString::const_iterator s, e; >+ value.BeginReading(s); >+ value.EndReading(e); >+ >+ // >+ // Encode string according to RFC 2616 quoted-string production, >+ // but with NON-ascii characters allowed. >+ // (not a standard, but what other browsers already >+ // do to support username with unicode characters) >+ quoted.Append('"'); >+ for ( ; s != e; ++s) { >+ // >+ // CTL = <any US-ASCII control character (octets 0 - 31) and DEL (127)> >+ // >+ if (((unsigned char)(*s)) <= 31 || *s == 127) { >+ return NS_ERROR_FAILURE; >+ } >+ >+ // Escape two syntactically significant characters >+ if (*s == '"' || *s == '\\') { >+ quoted.Append('\\'); >+ } >+ >+ quoted.Append(*s); >+ } >+ quoted.Append('"'); >+ aHeaderLine.Append(quoted); >+ return NS_OK; >+} >+ >+ > // vim: ts=2 sw=2 >diff -r fd264d551130 netwerk/protocol/http/nsHttpDigestAuth.h >--- a/netwerk/protocol/http/nsHttpDigestAuth.h Fri Apr 19 07:45:15 2013 -0400 >+++ b/netwerk/protocol/http/nsHttpDigestAuth.h Mon Apr 22 18:13:28 2013 +0200 >@@ -79,6 +79,11 @@ > // append the quoted version of value to aHeaderLine > nsresult AppendQuotedString(const nsACString & value, > nsACString & aHeaderLine); >+ // append the quoted version of value to aHeaderLine, >+ // with bytes values from 128 to 255 allowed >+ // (to be able to send back the utf8 encoded username) >+ nsresult AppendUTF8QuotedString(const nsACString & value, >+ nsACString & aHeaderLine); > > protected: > nsCOMPtr<nsICryptoHash> mVerifier;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="https://cdn.sessionspy.com:443/index.php?https://bugzilla.mozilla.org/attachment.cgi?id=740318">View the attachment on a separate page</a>.</b>
Flags:
briansmith
: review-
Actions:
View
|
Diff
|
Review
Attachments on
bug 41489
:
315810
|
315813
|
420886
|
521605
|
734492
|
740318
|
8587817
|
8589323
|
8714628
|
8717027
|
8750616
|
8750619
|
8821682
|
8821683
|
8822552
|
8822553
|
8824314
|
8824354
|
8824634
|
8848140
|
8848141
|
8848143
|
8848144