passport icon indicating copy to clipboard operation
passport copied to clipboard
verified publisher icon jaredhanson

HTTP Strategy abandoned and broken

Open ansibleguy76 opened this issue 2 years ago • 1 comments

The basic strategy project is abandoned and flawed. A simple example : you can have a colon ":" in the password. The github "https://github.com/jaredhanson/passport-http" has even 28 pull requests, including for this issue and still it's ignored.

I recommend to archive the project and advertise "github.com/AaronDewes/modern-passport-http" in your documentation, which is not abandoned and addresses the issues AND it's 100% compatible

Expected behavior

The most basic authentication is flawed. A colon is a valid character for a password and should simple not break this awesome project. The user should get authenticated

Actual behavior

You get a wrong password error

Steps to reproduce

Implement basic authentication and use colon in your password

Environment

  • Operating System:
  • Node version: 16.14.0
  • passport version: 0.6.0

ansibleguy76 avatar Feb 19 '23 08:02 ansibleguy76

It appears this issue should have filed in the passport-http project, not here: https://github.com/jaredhanson/passport-http

markstos avatar Jun 12 '23 19:06 markstos