gaschz/trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-10-31 19:49:01 +01:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

fix parsing the authentication header with password containing a colon, closes #3916

Browse Source
This commit is contained in:
zadam 2023-05-09 23:44:43 +02:00
parent cc1f831a6a
commit 04caba9f5b
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/services/auth.js
View File

@ -110,8 +110,8 @@ function checkCredentials(req, res, next) {
const header = req.headers['trilium-cred'] || '';
const auth = new Buffer.from(header, 'base64').toString();
const [username, password] = auth.split(/:/);
const colonIndex = auth.indexOf(':');
const password = colonIndex === -1 ? "" : auth.substr(colonIndex + 1);
// username is ignored
if (!passwordEncryptionService.verifyPassword(password)) {