Closed
Bug 1359520
Opened 7 years ago
Closed 7 years ago
Unicode characters in Basic Auth password are corrupted
Categories
(Core :: Networking, defect)
Tracking
()
People
(Reporter: jaraco, Unassigned)
Details
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Firefox/52.0 Build ID: 20170323110425 Steps to reproduce: I recently changed my password at work to include unicode characters. After doing so, I noticed sites requiring Basic Auth would no longer accept my username and password. A little digging revealed that [Firefox apparently sends only the most significant byte of UTF-8 characters](http://stackoverflow.com/a/9056877/70170), or by my estimation some other single-byte encoding. And while I acknowledge there's probably not a reliable standard for encoding passwords (or usernames for that matter), Chrome does seem to transmit the complete password in UTF-8 and for the systems I was using, that was sufficient to pass the auth check. Actual results: For the password "хорошую работу", Firefox sends "E>@>HCN @01>BC" (0x45, 0x3e, 0x40, 0x3e, 0x48, 0x43, 0x4e, 0x20, 0x40, 0x30, 0x31, 0x3e, 0x42, 0x43). Expected results: Firefox should send the text UTF-8 encoded, matching the de-facto standard (0xd1, 0x85, 0xd0, 0xbe, 0xd1, 0x80, 0xd0, 0xbe, 0xd1, 0x88, 0xd1, 0x83, 0xd1, 0x8e, 0x20, 0xd1, 0x80, 0xd0, 0xb0, 0xd0, 0xb1, 0xd0, 0xbe, 0xd1, 0x82, 0xd1, 0x83).
Updated•7 years ago
|
Component: Untriaged → Security
Component: Security → Networking
Product: Firefox → Core
Updated•7 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•