Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: URL-encoded proxy username and password get passed to Basic auth #108

Open
barjin opened this issue Oct 23, 2024 · 1 comment
Open

bug: URL-encoded proxy username and password get passed to Basic auth #108

barjin opened this issue Oct 23, 2024 · 1 comment

Comments

@barjin
Copy link

barjin commented Oct 23, 2024

The URL.username and URL.password properties are URL encoded (not noticeable unless you try to pass special characters like % or $ in there). The proxy expects the Basic authentication header to contain an unencoded username and password (or the base64 representation of those).

To avoid problems with authentication containing special characters, we should call decodeURIComponent on both username and password before concating them and passing those to the base64 encoder here:

http2-wrapper/source/proxies/get-auth-headers.js

Lines 4 to 14 in f1a1776

const {username, password} = self.proxyOptions.url;
if (username || password) {
const data = `${username}:${password}`;
const authorization = `Basic ${Buffer.from(data).toString('base64')}`;
return {
'proxy-authorization': authorization,
authorization
};
}

@barjin
Copy link
Author

barjin commented Oct 23, 2024

Ah, now I see - it's a duplicate of #104. For what it's worth, I still believe this is how the authentication should be handled, as any other client I tried does it this way (Chrome, Firefox, even curl).

@barjin barjin mentioned this issue Oct 23, 2024
Merged
barjin added a commit to apify/got-scraping that referenced this issue Oct 23, 2024
@barjin
fix: consistent proxy auth handling (#146)
eea94e5 
Extracts and reuses the `getBasic` helper function. 

Uses this helper to generate the `Basic` authentication header in the
`proxy` hooks (before, this was done further down the line by
[`http2-wrapper`](https://github.com/szmarczak/http2-wrapper), see the
[related issue](szmarczak/http2-wrapper#108)).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@barjin