diff options
| author | Stephan Bergmann <sbergman@redhat.com> | 2018-09-04 16:45:00 +0200 |
|---|---|---|
| committer | Noel Grandin <noel.grandin@collabora.co.uk> | 2018-09-05 13:38:20 +0200 |
| commit | 2c4c7a11f18dd54a9dc319d00fa61672adbdc66d (patch) | |
| tree | 7c9c933e5f197aab458d95a29bff8ffed69c2cdd | |
| parent | 6ee76d210846b84e93420a321c7908721ffe9e43 (diff) | |
Properly encode OAuth2 credentials
Reviewed-on: https://gerrit.libreoffice.org/59986
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 33f7485dedea90e0f80c6348fa8ac5f27c5052e0)
Conflicts:
external/libcmis/UnpackedTarball_libcmis.mk
Change-Id: Ic3edeae035262309e91fb01e3aca5c2f905bc3e5
Reviewed-on: https://gerrit.libreoffice.org/60017
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
| -rw-r--r-- | external/libcmis/UnpackedTarball_libcmis.mk | 1 | ||||
| -rw-r--r-- | external/libcmis/xwwwformurlencoded.patch.0 | 59 |
2 files changed, 60 insertions, 0 deletions
diff --git a/external/libcmis/UnpackedTarball_libcmis.mk b/external/libcmis/UnpackedTarball_libcmis.mk index 3730888bf6b5..84647275607d 100644 --- a/external/libcmis/UnpackedTarball_libcmis.mk +++ b/external/libcmis/UnpackedTarball_libcmis.mk @@ -20,6 +20,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,libcmis, \ external/libcmis/libcmis-fix-google-drive-2.patch \ external/libcmis/libcmis-sharepoint-repository-root.patch \ external/libcmis/libcmis-fix-error-handling.patch \ + external/libcmis/xwwwformurlencoded.patch.0 \ )) ifeq ($(OS),WNT) diff --git a/external/libcmis/xwwwformurlencoded.patch.0 b/external/libcmis/xwwwformurlencoded.patch.0 new file mode 100644 index 000000000000..b9f779cc6e80 --- /dev/null +++ b/external/libcmis/xwwwformurlencoded.patch.0 @@ -0,0 +1,59 @@ +--- src/libcmis/oauth2-providers.cxx ++++ src/libcmis/oauth2-providers.cxx +@@ -26,6 +26,8 @@ + * instead of those above. + */ + ++#include <cassert> ++ + #include <libxml/HTMLparser.h> + #include <libxml/xmlreader.h> + +@@ -45,6 +47,29 @@ + #define HTML_PARSE_RECOVER 0 + #endif + ++namespace { ++ ++// See <https://url.spec.whatwg.org/#concept-urlencoded-byte-serializer>: ++void addXWwwFormUrlencoded(std::string * buffer, std::string const & data) { ++ assert(buffer); ++ for (string::const_iterator i = data.begin(); i != data.end(); ++i) { ++ unsigned char c = static_cast<unsigned char>(*i); ++ if (c == ' ' || c == '*' || c == '-' || c == '.' || (c >= '0' && c <= '9') ++ || (c >= 'A' && c <= 'Z') || c == '_' || (c >= 'a' && c <= 'z')) ++ { ++ *buffer += static_cast<char>(c); ++ } else { ++ static const char hex[16] = { ++ '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'}; ++ *buffer += '%'; ++ *buffer += hex[c >> 4]; ++ *buffer += hex[c & 0xF]; ++ } ++ } ++} ++ ++} ++ + string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUrl, + const string& username, const string& password ) + { +@@ -97,7 +120,7 @@ + return string( ); + + loginEmailPost += "Email="; +- loginEmailPost += string( username ); ++ addXWwwFormUrlencoded(&loginEmailPost, username); + + istringstream loginEmailIs( loginEmailPost ); + string loginEmailRes; +@@ -119,7 +142,7 @@ + return string( ); + + loginPasswdPost += "Passwd="; +- loginPasswdPost += string( password ); ++ addXWwwFormUrlencoded(&loginPasswdPost, password); + + istringstream loginPasswdIs( loginPasswdPost ); + string loginPasswdRes; |