8 Apr
2015
8 Apr
'15
8:58 p.m.
Hi to all, as I understood RFC2617 for basic authorization it is assumed that username and password are seperated with a colon ":". When a user enters an additional colon in username and/or password Hunchentoot (1.2.7) fails with an error: [2013-04-30 09:34:34 [ERROR]] Extra arguments in ("foo" "bar" "blafasel") don't match lambda list (&OPTIONAL HUNCHENTOOT::USER HUNCHENTOOT::PASSWORD). The code in question is in the function AUTHORIZATION in request.lisp: -- (destructuring-bind (&optional user password) (split ":" (base64:base64-string-to-string (subseq authorization start))) -- I would prefer if Hunchentoot could handle this case silently without signalling an error. What do you think? Kind regards, Daniel