fix(breaking): proxy usernames & passwords with special characters. a…

…lign with curl (#21) * fix: handle proxy usernames and passwords with special characters. align with curl. fixes #20 * test: Added unit test. fixes #20 BREAKING CHANGE: URL-decoding username and proxy pw may break existing setups
adobe · Feb 13, 2023 · 036bb62 · 036bb62
1 parent 55aa49f
commit 036bb62
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 1 deletion.
diff --git a/src/utils.js b/src/utils.js
@@ -77,7 +77,7 @@ function urlToHttpOptions (aUrl) {
   }
 
   if (username && password) {
-    options.auth = `${username}:${password}`
+    options.auth = `${decodeURI(username)}:${decodeURI(password)}`
   }
   return options
 }

diff --git a/test/utils.test.js b/test/utils.test.js
@@ -57,6 +57,26 @@ test('url test (basic auth)', () => {
   })
 })
 
+/*
+  Proxy username and password: special character support
+  Ensure that the special character (here: encoded backslash in the username) is decoded in the 'auth' property.
+  See curl (e.g., with verbose output) for reference
+*/
+test('url test (basic auth) with special character in username', () => {
+  const url = 'http://domain%5Cadmin:secret@example.com/mypath/?query=foo'
+  expect(urlToHttpOptions(url)).toStrictEqual({
+    hash: '',
+    hostname: 'example.com',
+    href: 'http://domain%5Cadmin:secret@example.com/mypath/?query=foo',
+    path: undefined,
+    pathname: '/mypath/',
+    port: '',
+    protocol: 'http:',
+    search: '?query=foo',
+    auth: 'domain\\admin:secret'
+  })
+})
+
 describe('createFetch', () => {
   const mockProxyFetchFetch = jest.fn()