URI.decode site username/password. Closes #11169 [Ernesto Jimenez]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8900 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2026-04-04 03:00:58 -04:00 · 2008-02-19 23:06:09 +00:00
parent 1537aec184
commit ab45bd487a
4 changed files with 20 additions and 4 deletions
--- a/activeresource/lib/active_resource/base.rb
+++ b/activeresource/lib/active_resource/base.rb
@@ -204,8 +204,8 @@ module ActiveResource
          @site = nil
        else
          @site = create_site_uri_from(site)
-          @user = @site.user if @site.user
-          @password = @site.password if @site.password
+          @user = URI.decode(@site.user) if @site.user
+          @password = URI.decode(@site.password) if @site.password
        end
      end

--- a/activeresource/lib/active_resource/connection.rb
+++ b/activeresource/lib/active_resource/connection.rb
@@ -76,8 +76,8 @@ module ActiveResource
    # Set URI for remote service.
    def site=(site)
      @site = site.is_a?(URI) ? site : URI.parse(site)
-      @user = @site.user if @site.user
-      @password = @site.password if @site.password
+      @user = URI.decode(@site.user) if @site.user
+      @password = URI.decode(@site.password) if @site.password
    end

    # Set user for remote service.
--- a/activeresource/test/authorization_test.rb
+++ b/activeresource/test/authorization_test.rb
@@ -45,6 +45,15 @@ class AuthorizationTest < Test::Unit::TestCase
    assert_equal ["", "test123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
  end
  
+  def test_authorization_header_with_decoded_credentials_from_url
+    @conn = ActiveResource::Connection.new("http://my%40email.com:%31%32%33@localhost")
+    authorization_header = @conn.send!(:authorization_header)
+    authorization = authorization_header["Authorization"].to_s.split
+
+    assert_equal "Basic", authorization[0]
+    assert_equal ["my@email.com", "123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
+  end
+
  def test_authorization_header_explicitly_setting_username_and_password
    @authenticated_conn = ActiveResource::Connection.new("http://@localhost")
    @authenticated_conn.user = 'david'
--- a/activeresource/test/base_test.rb
+++ b/activeresource/test/base_test.rb
@@ -103,6 +103,13 @@ class BaseTest < Test::Unit::TestCase
    assert_nil actor.connection.password
  end

+  def test_credentials_from_site_are_decoded
+    actor = Class.new(ActiveResource::Base)
+    actor.site = 'http://my%40email.com:%31%32%33@cinema'
+    assert_equal("my@email.com", actor.user)
+    assert_equal("123", actor.password)
+  end
+
  def test_site_reader_uses_superclass_site_until_written
    # Superclass is Object so returns nil.
    assert_nil ActiveResource::Base.site