Fix encodeBase64 for empty password or user in HTTP Basic Authentic…

…ation (#4326)
louislam · Jan 6, 2024 · 458cdf9 · 458cdf9
1 parent f1e2ee7
commit 458cdf9
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/server/model/monitor.js b/server/model/monitor.js
@@ -230,10 +230,12 @@ class Monitor extends BeanModel {
  /**
  * Encode user and password to Base64 encoding
  * for HTTP "basic" auth, as per RFC-7617
+ * @param {string|null} user - The username (nullable if not changed by a user)
+ * @param {string|null} pass - The password (nullable if not changed by a user)
  * @returns {string}
  */
  encodeBase64(user, pass) {
- return Buffer.from(user + ":" + pass).toString("base64");
+ return Buffer.from(`${user || ""}:${pass || ""}`).toString("base64");
  }
 
  /**