Default encoding should probably be latin-1 as some RFC seems to imply it.

2024-09-21 03:19:00 +03:00 · 2012-11-23 01:11:09 +01:00 · 2012-11-23 01:11:09 +01:00 · b68263fb65
commit b68263fb65
parent 4007b56457
3 changed files with 4 additions and 4 deletions
--- a/rest_framework/authentication.py
+++ b/rest_framework/authentication.py
@ -40,7 +40,7 @@ class BasicAuthentication(BaseAuthentication):
            auth = request.META['HTTP_AUTHORIZATION'].split()
            if len(auth) == 2 and auth[0].lower() == "basic":
                try:
-                    auth_parts = base64.b64decode(auth[1].encode('utf8')).decode('utf8').partition(':')
+                    auth_parts = base64.b64decode(auth[1].encode('iso-8859-1')).decode('iso-8859-1').partition(':')
                except TypeError:
                    return None

--- a/rest_framework/tests/authentication.py
+++ b/rest_framework/tests/authentication.py
@ -44,13 +44,13 @@ class BasicAuthTests(TestCase):

    def test_post_form_passing_basic_auth(self):
        """Ensure POSTing json over basic auth with correct credentials passes and does not require CSRF"""
-        auth = 'Basic ' + base64.encodestring(('%s:%s' % (self.username, self.password)).encode('utf8')).strip().decode('utf8')
+        auth = 'Basic ' + base64.encodestring(('%s:%s' % (self.username, self.password)).encode('iso-8859-1')).strip().decode('iso-8859-1')
        response = self.csrf_client.post('/', {'example': 'example'}, HTTP_AUTHORIZATION=auth)
        self.assertEqual(response.status_code, 200)

    def test_post_json_passing_basic_auth(self):
        """Ensure POSTing form over basic auth with correct credentials passes and does not require CSRF"""
-        auth = 'Basic ' + base64.encodestring(('%s:%s' % (self.username, self.password)).encode('utf8')).strip().decode('utf8')
+        auth = 'Basic ' + base64.encodestring(('%s:%s' % (self.username, self.password)).encode('iso-8859-1')).strip().decode('iso-8859-1')
        response = self.csrf_client.post('/', json.dumps({'example': 'example'}), 'application/json', HTTP_AUTHORIZATION=auth)
        self.assertEqual(response.status_code, 200)

--- a/rest_framework/utils/mediatypes.py
+++ b/rest_framework/utils/mediatypes.py
@ -47,7 +47,7 @@ class _MediaType(object):
        if media_type_str is None:
            media_type_str = ''
        self.orig = media_type_str
-        self.full_type, self.params = parse_header(media_type_str.encode('utf8'))
+        self.full_type, self.params = parse_header(media_type_str.encode('iso-8859-1'))
        self.main_type, sep, self.sub_type = self.full_type.partition('/')

    def match(self, other):