Normalize the credentials presence check

Most places that check for the presence / absence of credentials compare them against `undefined`, except the one for Plain authentication. This change makes the very last place to use the same pattern (instead of checking for falsiness) for consistency. Additionally, there are ways to configure PAM to accept empty passwords, so it's possible for a user to legitimately send an empty string as password.
author: lhchavez <lhchavez@lhchavez.com> 2021-03-11 05:38:13 -0800
committer: lhchavez <lhchavez@lhchavez.com> 2021-03-11 06:42:11 -0800
commit: 0c55c6475701b66c28c245483aeaf4d0179a3cca (patch)
tree: f0aac848933d51dce3dfcf69ca26073807329c49
parent: 18593154d3cf8973dbddb9f97615453efa6b3b0d (diff)
download: novnc-0c55c6475701b66c28c245483aeaf4d0179a3cca.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/core/rfb.js b/core/rfb.js
index e3786cb..05a5979 100644
--- a/core/rfb.js
+++ b/core/rfb.js
@@ -1427,8 +1427,8 @@ export default class RFB extends EventTargetMixin {
 
         // negotiated Plain subtype, server waits for password
         if (this._rfbVeNCryptState == 4) {
-            if (!this._rfbCredentials.username ||
-                !this._rfbCredentials.password) {
+            if (this._rfbCredentials.username === undefined ||
+                this._rfbCredentials.password === undefined) {
                 this.dispatchEvent(new CustomEvent(
                     "credentialsrequired",
                     { detail: { types: ["username", "password"] } }));
author	lhchavez <lhchavez@lhchavez.com>	2021-03-11 05:38:13 -0800
committer	lhchavez <lhchavez@lhchavez.com>	2021-03-11 06:42:11 -0800
commit	0c55c6475701b66c28c245483aeaf4d0179a3cca (patch)
tree	f0aac848933d51dce3dfcf69ca26073807329c49
parent	18593154d3cf8973dbddb9f97615453efa6b3b0d (diff)
download	novnc-0c55c6475701b66c28c245483aeaf4d0179a3cca.tar.gz