scottk/Mailu
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/Mailu.git synced 2025-11-02 19:18:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix the encoding of incoming user email and password

Browse Source
This commit is contained in:
kaiyou
2019-12-20 17:01:17 +01:00
parent 869f230e0d
commit 9b7a027d6f
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
core/admin/mailu/internal/nginx.py
View File

@@ -37,8 +37,14 @@ def handle_authentication(headers):
# Authenticated user # Authenticated user
elif method == "plain": elif method == "plain":
server, port = get_server(headers["Auth-Protocol"], True) server, port = get_server(headers["Auth-Protocol"], True)
user_email = urllib.parse.unquote(headers["Auth-User"]) # According to RFC2616 section 3.7.1 and PEP 3333, HTTP headers should
password = urllib.parse.unquote(headers["Auth-Pass"]) # be ASCII and are generally considered ISO8859-1. However when passing
# the password, nginx does not transcode the input UTF string, thus
# we need to manually decode.
raw_user_email = urllib.parse.unquote(headers["Auth-User"])
user_email = raw_user_email.encode("iso8859-1").decode("utf8")
raw_password = urllib.parse.unquote(headers["Auth-Pass"])
password = raw_password.encode("iso8859-1").decode("utf8")
ip = urllib.parse.unquote(headers["Client-Ip"]) ip = urllib.parse.unquote(headers["Client-Ip"])
user = models.User.query.get(user_email) user = models.User.query.get(user_email)
status = False status = False