[Bug 66175] New: Consider changing BasicAuthenticator to default to charset="UTF"

bugzilla Thu, 21 Jul 2022 13:04:32 -0700

https://bz.apache.org/bugzilla/show_bug.cgi?id=66175


            Bug ID: 66175
           Summary: Consider changing BasicAuthenticator to default to
                    charset="UTF"
           Product: Tomcat 10
           Version: 10.1.0-M17
          Hardware: PC
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Catalina
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ------

A support for using UTF-8 with BasicAuthenticator has already been implemented
since Tomcat 9.0.0 (in September 2017) - Bug 61280.

I think we may consider to change the default in BasicAuthenticator to be UTF-8
nowadays, for Tomcat 10.1 onwards.


Testing with Firefox 102 (see my comment in bug 66174), it does accept the
charset=UTF-8 parameter in the value of a WWW-Authenticate response header.

Moreover, regardless of whether such charset parameter was present is a
response header, Firefox encodes the credentials of a subsequent request with
UTF-8. The BasicAuthenticator by default expects ISO-8859-1 and cannot decode
them. - Tested with Apache Tomcat 9.0.65 and the manager web application.

See also: Bug 66174
https://cwiki.apache.org/confluence/display/TOMCAT/Character+Encoding#CharacterEncoding-Q10

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[Bug 66175] New: Consider changing BasicAuthenticator to default to charset="UTF"

Reply via email to