• Bob Van Landuyt's avatar
    Handle nullbytes in auth headers · 55f13e1e
    Bob Van Landuyt authored
    When using git-over-http the GitHttpClientController would try to look
    up the user or token read from the Authorization headers.
    
    If one of those headers would containe a base64 encoded null-byte,
    this would result in an ArgumentError.
    
    This adds support for that to the middleware by decoding the
    authorization headers and validating them beforehand.
    55f13e1e
user_sends_malformed_strings_spec.rb 810 Bytes