.validate(): Prevent crashing zope on passwords that contain a ':'.

c9d826ba · Ken Manheimer · 635c28a5 · c9d826ba
Commit c9d826ba authored Mar 23, 1999 by Ken Manheimer
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

lib/python/AccessControl/User.py lib/python/AccessControl/User.py +2 -2

No files found.
--- a/lib/python/AccessControl/User.py
+++ b/lib/python/AccessControl/User.py
@@ -84,7 +84,7 @@
 ##############################################################################
 """Access control package"""

-__version__='$Revision: 1.68 $'[11:-2]
+__version__='$Revision: 1.69 $'[11:-2]

 import Globals, App.Undo, socket, regex
 from Globals import HTMLFile, MessageDialog, Persistent, PersistentMapping
@@ -380,7 +380,7 @@ class BasicUserFolder(Implicit, Persistent, Navigation, Tabs, RoleManager,
        # Only do basic authentication
        if lower(auth[:6])!='basic ':
            return None
-        name,password=tuple(split(decodestring(split(auth)[-1]), ':'))
+        name,password=tuple(split(decodestring(split(auth)[-1]), ':', 1))

        # Check for superuser
        super=self._super