[tomcat] branch main updated: BZ 66175 - Use UTF-8 by default for BASIC auth

Mon, 21 Nov 2022 06:24:31 -0800 

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
     new 8004ce03ff BZ 66175 - Use UTF-8 by default for BASIC auth
8004ce03ff is described below

commit 8004ce03ffb84c80d8fb58d02042672457a0866f
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Nov 21 14:24:15 2022 +0000

    BZ 66175 - Use UTF-8 by default for BASIC auth
---
 java/org/apache/catalina/authenticator/BasicAuthenticator.java | 4 ++--
 webapps/docs/changelog.xml                                     | 4 ++++
 webapps/docs/config/valve.xml                                  | 2 +-
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/java/org/apache/catalina/authenticator/BasicAuthenticator.java 
b/java/org/apache/catalina/authenticator/BasicAuthenticator.java
index a1f9c86af4..730323cc46 100644
--- a/java/org/apache/catalina/authenticator/BasicAuthenticator.java
+++ b/java/org/apache/catalina/authenticator/BasicAuthenticator.java
@@ -42,8 +42,8 @@ public class BasicAuthenticator extends AuthenticatorBase {
 
     private final Log log = LogFactory.getLog(BasicAuthenticator.class); // 
must not be static
 
-    private Charset charset = StandardCharsets.ISO_8859_1;
-    private String charsetString = null;
+    private Charset charset = StandardCharsets.UTF_8;
+    private String charsetString = "UTF-8";
     private boolean trimCredentials = true;
 
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 31ca1306d4..648984ef91 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -115,6 +115,10 @@
   </subsection>
   <subsection name="Catalina">
     <changelog>
+      <fix>
+        <bug>66175</bug>: Change the default character set used by the
+        <code>BasicAuthenticator</code> from ISO-8859-1 to UTF-8. (markt)
+      </fix>
       <add>
         <bug>66209</bug>: Add a configuration option to allow bloom filters 
used
         to index JAR files to be retained for the lifetime of the web
diff --git a/webapps/docs/config/valve.xml b/webapps/docs/config/valve.xml
index 4459000821..85272084c9 100644
--- a/webapps/docs/config/valve.xml
+++ b/webapps/docs/config/valve.xml
@@ -1382,7 +1382,7 @@
         from bytes to characters using UTF-8. Otherwise, no 
<code>charset</code>
         authentication parameter will be sent and the provided user name and
         optional password will be converted from bytes to characters using
-        ISO-8859-1. The default value is <code>null</code></p>
+        ISO-8859-1. The default value is <code>UTF-8</code></p>
       </attribute>
 
       <attribute name="className" required="true">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to