diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2020-08-29 12:16:20 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2020-08-29 12:16:20 +0200 |
| commit | 48345403df50860a342f53900599e75f5b5efb84 (patch) | |
| tree | 3eecfaf4053b826e9906067eda0582e7c943f1c1 /app/Controllers/feedController.php | |
| parent | 20d0f9cd762ce09f392a103abcfe1d18e2c63654 (diff) | |
Trim whitespace for feed passwords (#3158)
We output a space by default in the user interface for setting feed
passwords, in order to prevent aggressive password autocompletion
https://github.com/FreshRSS/FreshRSS/pull/881
However, user might not always override this white space when entering
the password. So here we trim.
(I believe legitimate leading / trailing spaces in passwords are
sufficiently rare not to be a problem)
Diffstat (limited to 'app/Controllers/feedController.php')
| -rwxr-xr-x | app/Controllers/feedController.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index c0843ffba..2fc0734db 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -160,7 +160,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController { // HTTP information are useful if feed is protected behind a // HTTP authentication $user = trim(Minz_Request::param('http_user', '')); - $pass = Minz_Request::param('http_pass', ''); + $pass = trim(Minz_Request::param('http_pass', '')); $http_auth = ''; if ($user != '' && $pass != '') { //TODO: Sanitize $http_auth = $user . ':' . $pass; |