mirror of
https://github.com/Kozea/Radicale.git
synced 2025-06-26 16:45:52 +00:00
Encode password to allow special characters
XMLHttpRequest.open() does not automatically encode the password. Though it builds an basic auth schemed URI where '%' is the escaping indicator, thus passwords containing this characters are not accepted this way without manually replacing '%' with '%25' on the form.
This commit is contained in:
Tobias Stettner
Peter Bieringer
parent
08a4c792b1
commit
8fc5352e27
1 changed files with 5 additions and 5 deletions
|
|
@ -124,7 +124,7 @@ function Collection(href, type, displayname, description, color, source) {
|
|||
*/
|
||||
function get_principal(user, password, callback) {
|
||||
let request = new XMLHttpRequest();
|
||||
request.open("PROPFIND", SERVER + ROOT_PATH, true, user, password);
|
||||
request.open("PROPFIND", SERVER + ROOT_PATH, true, user, encodeURIComponent(password));
|
||||
request.onreadystatechange = function() {
|
||||
if (request.readyState !== 4) {
|
||||
return;
|
||||
|
|
@ -167,7 +167,7 @@ function get_principal(user, password, callback) {
|
|||
*/
|
||||
function get_collections(user, password, collection, callback) {
|
||||
let request = new XMLHttpRequest();
|
||||
request.open("PROPFIND", SERVER + collection.href, true, user, password);
|
||||
request.open("PROPFIND", SERVER + collection.href, true, user, encodeURIComponent(password));
|
||||
request.setRequestHeader("depth", "1");
|
||||
request.onreadystatechange = function() {
|
||||
if (request.readyState !== 4) {
|
||||
|
|
@ -280,7 +280,7 @@ function get_collections(user, password, collection, callback) {
|
|||
*/
|
||||
function upload_collection(user, password, collection_href, file, callback) {
|
||||
let request = new XMLHttpRequest();
|
||||
request.open("PUT", SERVER + collection_href, true, user, password);
|
||||
request.open("PUT", SERVER + collection_href, true, user, encodeURIComponent(password));
|
||||
request.onreadystatechange = function() {
|
||||
if (request.readyState !== 4) {
|
||||
return;
|
||||
|
|
@ -305,7 +305,7 @@ function upload_collection(user, password, collection_href, file, callback) {
|
|||
*/
|
||||
function delete_collection(user, password, collection, callback) {
|
||||
let request = new XMLHttpRequest();
|
||||
request.open("DELETE", SERVER + collection.href, true, user, password);
|
||||
request.open("DELETE", SERVER + collection.href, true, user, encodeURIComponent(password));
|
||||
request.onreadystatechange = function() {
|
||||
if (request.readyState !== 4) {
|
||||
return;
|
||||
|
|
@ -330,7 +330,7 @@ function delete_collection(user, password, collection, callback) {
|
|||
*/
|
||||
function create_edit_collection(user, password, collection, create, callback) {
|
||||
let request = new XMLHttpRequest();
|
||||
request.open(create ? "MKCOL" : "PROPPATCH", SERVER + collection.href, true, user, password);
|
||||
request.open(create ? "MKCOL" : "PROPPATCH", SERVER + collection.href, true, user, encodeURIComponent(password));
|
||||
request.onreadystatechange = function() {
|
||||
if (request.readyState !== 4) {
|
||||
return;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue