Convert password provided by web form to UTF8 before passing it (#375)

author Badlop <badlop@process-one.net>

Fri, 22 Jul 2016 14:51:48 +0000 (16:51 +0200)

committer Badlop <badlop@process-one.net>

Fri, 22 Jul 2016 14:52:13 +0000 (16:52 +0200)
author Badlop <badlop@process-one.net>
Fri, 22 Jul 2016 14:51:48 +0000 (16:51 +0200)
committer Badlop <badlop@process-one.net>
Fri, 22 Jul 2016 14:52:13 +0000 (16:52 +0200)
diff --git a/src/ejabberd_http.erl b/src/ejabberd_http.erl

index 6b53f46c6a27be1183c41bdc35a585e8bc71327e..a79f26305e9deec3004c460dc5411dff8280e710 100644 (file)
--- a/src/ejabberd_http.erl
+++ b/src/ejabberd_http.erl
@@ -763,7 +763,8 @@ parse_auth(<<"Basic ", Auth64/binary>>) ->
              undefined;
          Pos ->
              {User, <<$:, Pass/binary>>} = erlang:split_binary(Auth, Pos-1),
-            {User, Pass}
+            PassUtf8 = unicode:characters_to_binary(binary_to_list(Pass), utf8),
+            {User, PassUtf8}
      end;
  parse_auth(<<"Bearer ", SToken/binary>>) ->
      Token = str:strip(SToken),
author	Badlop <badlop@process-one.net>
	Fri, 22 Jul 2016 14:51:48 +0000 (16:51 +0200)
committer	Badlop <badlop@process-one.net>
	Fri, 22 Jul 2016 14:52:13 +0000 (16:52 +0200)