Closed laurent-treeb closed 2 years ago
https://github.com/matrix-org/pantalaimon/blob/cd36ca68d5edb2d33f5a015ab04d8be4bf037912/pantalaimon/daemon.py#L421
Bad use of strip method....that remove chars at the end too...
For example: request.headers.get("Authorization", "") 'Bearer syt_YAg0NmIyMjAtYzUxNS00NjE1LThmMGItNGY0YWM5YTNmMGMw_yJnHaMJhnHFeCJoFIK1B_1234B' request.headers.get("Authorization", "").strip("Bearer ") 'syt_YAg0NmIyMjAtYzUxNS00NjE1LThmMGItNGY0YWM5YTNmMGMw_yJnHaMJhnHFeCJoFIK1B_1234'
the Strip method has removed the B at the end of the bearer...
I recommend to use : .replace("Bearer ", "", 1)
https://github.com/matrix-org/pantalaimon/blob/cd36ca68d5edb2d33f5a015ab04d8be4bf037912/pantalaimon/daemon.py#L421
Bad use of strip method....that remove chars at the end too...
For example: request.headers.get("Authorization", "") 'Bearer syt_YAg0NmIyMjAtYzUxNS00NjE1LThmMGItNGY0YWM5YTNmMGMw_yJnHaMJhnHFeCJoFIK1B_1234B' request.headers.get("Authorization", "").strip("Bearer ") 'syt_YAg0NmIyMjAtYzUxNS00NjE1LThmMGItNGY0YWM5YTNmMGMw_yJnHaMJhnHFeCJoFIK1B_1234'
the Strip method has removed the B at the end of the bearer...
I recommend to use : .replace("Bearer ", "", 1)