mirror of
https://github.com/zadam/trilium.git
synced 2024-09-21 16:16:04 +08:00
fix parsing the authentication header with password containing a colon, closes #3916
This commit is contained in:
parent
cc1f831a6a
commit
04caba9f5b
|
@ -110,8 +110,8 @@ function checkCredentials(req, res, next) {
|
|||
|
||||
const header = req.headers['trilium-cred'] || '';
|
||||
const auth = new Buffer.from(header, 'base64').toString();
|
||||
const [username, password] = auth.split(/:/);
|
||||
|
||||
const colonIndex = auth.indexOf(':');
|
||||
const password = colonIndex === -1 ? "" : auth.substr(colonIndex + 1);
|
||||
// username is ignored
|
||||
|
||||
if (!passwordEncryptionService.verifyPassword(password)) {
|
||||
|
|
Loading…
Reference in a new issue