search

Kong / unirest-ruby

Unirest in Ruby: Simplified, lightweight HTTP client library.
http://unirest.io/ruby
MIT License
364 stars 83 forks source link

Issue with base64 encoding of Authorization header #10

Closed synth closed 10 years ago

synth commented 10 years ago

Unirest encodes Authorization header data slightly differently than Net::HTTP. I actually hit this insidious bug while building an api wrapper to TangoCard Raas api. I kept getting "Request header field is missing ':' separator." and couldn't for the life of me figure it out. I spent 4 hours digging through source and manually crafting Net::HTTP requests.

Finally, I realized the Authorization header that Unirest creates has a newline in it, but those created by Net::HTTP, didn't.

In Unirest:

  "Basic " + Base64.encode64(user + ":" + password)

In Net::HTTP

  'Basic ' + ["#{account}:#{password}"].pack('m').delete("\r\n")

Not sure what should be done here...

synth commented 10 years ago

why does unirest add the header itself? why doesn't it leverage net::http's mechanism?

subnetmarco commented 10 years ago

@synth I've just updated the gem with a fix that should have fixed the bug - can you please try again now (update the gem first)?

synth commented 10 years ago

great, updated and works for me, thx.