Skip to content

Z
Zope
Commit c9d826ba authored by Ken Manheimer's avatar Ken Manheimer
Browse files
Options

.validate(): Prevent crashing zope on passwords that contain a ':'.

parent 635c28a5
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 2 deletions
lib/python/AccessControl/User.py
View file @ c9d826ba
...@@ -84,7 +84,7 @@ ...@@ -84,7 +84,7 @@
############################################################################## ##############################################################################
"""Access control package""" """Access control package"""
__version__='$Revision: 1.68 $'[11:-2] __version__='$Revision: 1.69 $'[11:-2]
import Globals, App.Undo, socket, regex import Globals, App.Undo, socket, regex
from Globals import HTMLFile, MessageDialog, Persistent, PersistentMapping from Globals import HTMLFile, MessageDialog, Persistent, PersistentMapping
...@@ -380,7 +380,7 @@ class BasicUserFolder(Implicit, Persistent, Navigation, Tabs, RoleManager, ...@@ -380,7 +380,7 @@ class BasicUserFolder(Implicit, Persistent, Navigation, Tabs, RoleManager,
# Only do basic authentication # Only do basic authentication
if lower(auth[:6])!='basic ': if lower(auth[:6])!='basic ':
return None return None
name,password=tuple(split(decodestring(split(auth)[-1]), ':')) name,password=tuple(split(decodestring(split(auth)[-1]), ':', 1))
# Check for superuser # Check for superuser
super=self._super super=self._super
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7