flo/nsupdate.info
1
0
Fork 0
Code Issues 1 Pull Requests 2 Packages Releases Activity

catch exception for invalid http basic auth strings, fixes #401

Browse Source
This commit is contained in:
Thomas Waldmann 2019-04-04 00:13:34 +02:00
parent 53cf7ee6dd
commit 1a8192b4bc
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nsupdate/api/views.py
View File

@ -119,7 +119,11 @@ def basic_authenticate(auth):
:return: username, password [unicode on py2, str on py3] :return: username, password [unicode on py2, str on py3]
""" """
assert isinstance(auth, str) assert isinstance(auth, str)
authmeth, auth = auth.split(' ', 1) try:
authmeth, auth = auth.split(' ', 1)
except ValueError:
# splitting failed, invalid auth string
return
if authmeth.lower() != 'basic': if authmeth.lower() != 'basic':
return return
# we ignore bytes that do not decode. username (hostname) and password # we ignore bytes that do not decode. username (hostname) and password