nats.rs
nats.rs copied to clipboard
The NATS url needs to manually percent decode the username and the password
We've had this issue reported for lettre
and I believe nats.rs has it too
https://github.com/lettre/lettre/issues/931
The url
crate doesn't percent decode the username and the password, so credentials containing characters like #
don't work. Here the credentials should be percent decoded: https://github.com/nats-io/nats.rs/blob/8c783e05b21e1733b1f3453449df5580aaf3f886/async-nats/src/lib.rs#L1415-L1427
Thanks for letting us know.
The impact should be really small, as if you're using ConnectOptions
with username and password, we are not passing credentials in URL, but in Connect
protocol message.
Only case that affects Rust NATS client is when someone manually passes username and password in the NATS url.