Support auth cookies with : characters

The parts of a couchdb authentication cookie are separated by colons. One of these parts can contain colons and, more rarely, runs of colons. The string:tokens function silently drops any empty token, thus giving a spurious failure for valid input. The fix changes this mechanism to one that losslessly decodes this part. COUCHDB-1607
author: Robert Newson <rnewson@apache.org> 2012-11-18 19:02:07 +0000
committer: Robert Newson <rnewson@apache.org> 2012-11-18 19:02:07 +0000
commit: d9566c831d002be16f866f0065a905bc23773cf9 (patch)
tree: f86ef19fc31da61fa61e48b50c0d3969f5c86bde
parent: 2774531ff2946c0155dc6cb2af153e6378c41963 (diff)
download: couchdb-d9566c831d002be16f866f0065a905bc23773cf9.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl
index 0b4ba8f86..5226a56a6 100644
--- a/src/couchdb/couch_httpd_auth.erl
+++ b/src/couchdb/couch_httpd_auth.erl
@@ -160,7 +160,7 @@ cookie_authentication_handler(#httpd{mochi_req=MochiReq}=Req) ->
     Cookie ->
         [User, TimeStr | HashParts] = try
             AuthSession = couch_util:decodeBase64Url(Cookie),
-            [_A, _B | _Cs] = string:tokens(?b2l(AuthSession), ":")
+            [_A, _B | _Cs] = re:split(?b2l(AuthSession), ":", [{return, list}])
         catch
             _:_Error ->
                 Reason = <<"Malformed AuthSession cookie. Please clear your cookies.">>,
author	Robert Newson <rnewson@apache.org>	2012-11-18 19:02:07 +0000
committer	Robert Newson <rnewson@apache.org>	2012-11-18 19:02:07 +0000
commit	d9566c831d002be16f866f0065a905bc23773cf9 (patch)
tree	f86ef19fc31da61fa61e48b50c0d3969f5c86bde
parent	2774531ff2946c0155dc6cb2af153e6378c41963 (diff)
download	couchdb-d9566c831d002be16f866f0065a905bc23773cf9.tar.gz