RapiDoc
RapiDoc copied to clipboard
Basic Auth credentials are not encoded
Hi.
We discovered this today. The "try it" feature is broken for credentials using non-ASCII characters.
Server-side, we expect utf-8
credentials. To be fair, there doesn't seem to be a consensus about which encoding to use:
- https://stackoverflow.com/questions/7242316/what-encoding-should-i-use-for-http-basic-authentication
- https://github.com/psf/requests/issues/4564
- https://github.com/miguelgrinberg/Flask-HTTPAuth/issues/151
Anyway, here's a link to the very same issue on Swagger-UI that explains things better than I would: https://github.com/swagger-api/swagger-ui/issues/2456. Spoiler: they internalized btoa and used utf-8
.
Thanks again for RapiDoc. Our OpenAPI UI of choice. Have a nice day.