{
"subject": "Re: JSON-RPC password",
"content": {
"format": "html",
"body": "<div class=\"post\"><div class=\"quoteheader\"><a href=\"https://bitcointalk.org/index.php?topic=461.msg5738#msg5738\">Quote from: lachesis on July 25, 2010, 07:52:35 PM</a></div><div class=\"quote\">I found what appears to be a bug: with a long enough username and password combination, the base64 encoder in bitcoind produces authorization headers that look like this:<br/><div class=\"codeheader\">Code:</div><div class=\"code\">...<br/>Authorization: Basic YWJiYWJiYWFiYmE6aGVsbG93b3JsZGhlbGxvd29ybGRoZWxsb3dvcmxkaGVsbG93<br/>b3JsZGhlbGxvd29ybGRoZWxsb3dvcmxk<br/></div>It inserts a newline every 64 characters, which obviously breaks the Authorization header, so commands like \"bitcoin getinfo\" fail. The server still works fine with properly behaving clients.<br/><br/>This can be solved by removing the newlines (and maybe '\r's) from result at the end of the Base64Encode function:<br/><div class=\"codeheader\">Code:</div><div class=\"code\">result.erase(std::remove(result.begin(), result.end(), '\n'), result.end());<br/>result.erase(std::remove(result.begin(), result.end(), '\r'), result.end());<br/></div></div>+1 to you for having such a long password that you found this bug.<br/><br/>Uploaded to SVN as rev 110.<br/></div>"
},
"source": {
"name": "Bitcoin Forum",
"url": "https://bitcointalk.org/index.php?topic=461.msg5767#msg5767"
},
"date": "2010-07-25T21:34:29Z"
}