Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTP Strategy abandoned and broken #970

Open
ansibleguy76 opened this issue Feb 19, 2023 · 1 comment
Open

HTTP Strategy abandoned and broken #970

ansibleguy76 opened this issue Feb 19, 2023 · 1 comment

Comments

@ansibleguy76
Copy link

The basic strategy project is abandoned and flawed. A simple example : you can have a colon ":" in the password.
The github "https://github.com/jaredhanson/passport-http" has even 28 pull requests, including for this issue and still it's ignored.

I recommend to archive the project and advertise "github.com/AaronDewes/modern-passport-http" in your documentation, which is not abandoned and addresses the issues AND it's 100% compatible

Expected behavior

The most basic authentication is flawed. A colon is a valid character for a password and should simple not break this awesome project. The user should get authenticated

Actual behavior

You get a wrong password error

Steps to reproduce

Implement basic authentication and use colon in your password

Environment

  • Operating System:
  • Node version: 16.14.0
  • passport version: 0.6.0
@markstos
Copy link

It appears this issue should have filed in the passport-http project, not here: https://github.com/jaredhanson/passport-http

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@markstos @ansibleguy76