zadam/trilium
1
1
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2024-09-21 16:16:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix parsing the authentication header with password containing a colon, closes #3916

Browse source
This commit is contained in:
zadam 2023-05-09 23:44:43 +02:00
parent cc1f831a6a
commit 04caba9f5b
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/services/auth.js
View file

@ -110,8 +110,8 @@ function checkCredentials(req, res, next) {
const header = req.headers['trilium-cred'] || '';
const auth = new Buffer.from(header, 'base64').toString();
const [username, password] = auth.split(/:/);
const colonIndex = auth.indexOf(':');
const password = colonIndex === -1 ? "" : auth.substr(colonIndex + 1);
// username is ignored
if (!passwordEncryptionService.verifyPassword(password)) {