Only base64 encode auth header if it matches un-encoded Basic auth pa…

…ttern. Closes #50 Closes #51
mrak · Mar 18, 2016 · b912119 · b912119
1 parent 9216aff
commit b912119
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 5 deletions.
diff --git a/src/models/endpoint.js b/src/models/endpoint.js
@@ -167,14 +167,17 @@ function purifyHeaders(incoming) {
 }
 
 function purifyAuthorization(headers) {
-  var auth;
+  var auth, userpass;
 
   if (headers == null || headers.authorization == null) { return headers; }
 
   auth = headers.authorization || '';
-  if (!/:/.test(auth)) { return headers; }
 
-  headers.authorization = 'Basic ' + new Buffer(auth).toString('base64');
+  if (/^Basic .+:.+$/.test(auth)) {
+    userpass = auth.substr(6);
+    headers.authorization = 'Basic ' + new Buffer(userpass).toString('base64');
+  }
+
   return headers;
 }
 

diff --git a/test/data/e2e.yaml b/test/data/e2e.yaml
@@ -72,7 +72,7 @@
     method: POST
     post: some=data
     headers:
-      authorization: stubby:passwordZ0r
+      authorization: Basic stubby:passwordZ0r
   response:
     status: 201
     headers:

diff --git a/test/endpoint.js b/test/endpoint.js
@@ -299,7 +299,7 @@ describe('Endpoint', function () {
       var actual, expected;
       expected = 'Basic dXNlcm5hbWU6cGFzc3dvcmQ=';
       this.data.request.headers = {
-        authorization: 'username:password'
+        authorization: 'Basic username:password'
       };
 
       actual = new Endpoint(this.data);