cwinfo/powerdns-admin
5
0
Fork 0
mirror of https://github.com/cwinfo/powerdns-admin.git synced 2025-02-10 10:39:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
powerdns-admin/powerdnsadmin/routes
History
Nigel Kukard 17e3a8f942 fix(auth:basic): Basic auth exception handling improvement 
Currently passing an invalid Basic auth header (random string base64 encoded) would result in an exception being raised due to a username, password = auth_header.split().

Similary passing a `Digest` authentication type would result in an exception as there is no :.

Thirdly passing invalid base64 encoded UTF-8 code sequences would result in exceptions as this issue (#1424).

I added code to check explicitly that we are doing basic authentication then by checking the number of entries returned by the split.

I also added exception handling for invalid UTF-8 code sequence exceptions.

Tested with a fuzzer.

Tested with valid and invalid credentials.

This fixes #1424.
2023-03-15 01:09:46 +00:00
..
__init__.py
Revert "Revert "Merge pull request #1371 from AgentTNT/AdminLTE-Upgrade""
2023-02-18 11:04:14 -05:00
admin.py
Merge branch 'dev' into custom_current_user
2023-03-12 17:23:44 +02:00
api.py
Added custom header in created_by segment option
2023-03-12 13:36:30 +00:00
base.py
fix(auth:basic): Basic auth exception handling improvement
2023-03-15 01:09:46 +00:00
dashboard.py
Corrected unauthorized side navigation change regarding the placement of the "Global Search" feature.
2023-03-10 16:23:33 -05:00
domain.py
Standard user domain records list performance loop improvement
2023-03-01 18:43:47 +02:00
index.py
Add missing OIDC env vars
2023-02-23 22:13:19 +01:00
user.py
Add LDAP user images
2022-06-18 19:11:16 +02:00