Basic authorization and colon in user, password

Hi to all,

as I understood RFC2617 for basic authorization it is assumed that username and password are seperated with a colon ":".

When a user enters an additional colon in username and/or password Hunchentoot (1.2.7) fails with an error:

[2013-04-30 09:34:34 [ERROR]] Extra arguments in ("foo" "bar" "blafasel") don't match lambda list (&OPTIONAL HUNCHENTOOT::USER HUNCHENTOOT::PASSWORD).

The code in question is in the function AUTHORIZATION in request.lisp:

-- (destructuring-bind (&optional user password) (split ":" (base64:base64-string-to-string (subseq authorization start))) --

I would prefer if Hunchentoot could handle this case silently without signalling an error. What do you think?

Kind regards, Daniel