Basic auth issue with passwords that contain international characters

[radu2501]

When using Basic Authentication, in a node.js environment, passwords and/or usernames that contain special characters do not get properly base-64 encoded.

I have debugged this and the issue is caused by the base-64 module that is required when in the context of a node.js or NativeScript environment.

For node.js, one could use the following function instead of require('base-64').encode, which works nicely:

base64 = function(str) { return Buffer.from(str).toString('base64'); }

[edselg]

Hello Radu,

Thank you for reporting this issue and providing the reference to the toString() API in Node.js.

I took a look at this and it seems that that issue is not specifically caused by the base-64 module but by the btoa() API only expecting ASCII characters:

• https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/btoa

The following thread at Stack Overflow provide info on BASIC Authentication and mentions about the old RFC 2617 and the new RFC7617:

• https://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication

RFC 7617 indicates that a charset="UTF-8" auth parameter can be sent in its challenge to indicate the character encoding expected by the agent:

• https://tools.ietf.org/html/rfc7617#section-2.1

I think that should look into honoring the charset parameter. However, this also depends on the backend that you are using.

What are you using on the backend? PASOE?

Thank you.

[edselg]

The Node.js API toString("base64") seems to be equivalent to the utoa() API from the notes in the btoa() article:

• https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/btoa#Unicode_strings

[mikefechner]

What are you using on the backend? PASOE?

PASOE, of course. Is there any other backend ;-)

[edselg]

Great.

PASOE of course. :-)

Thank you for the info.

[zerovian]

Progress internal issue # OCTA-11854

[zerovian]

Closing as this is fixed in jsdo-core release 6.0.1.