Hello!

On Wed, Apr 06, 2016 at 06:32:25PM +0300, Дениска-редиска wrote:

> Hello,
> 
> looks like there is a bug in nginx 1.8.1 in mail proxy code which is used for 
> authorization:
> backslash becomes stripped from password when quoted in imap command:
> 
> * OK IMAP4 ready
> p LOGIN "testdev" ",\REz=#tPc"
> p NO Invalid login or password

This should be "p BAD Syntax error", but nginx doesn't care to 
check syntax so strictly and allows any character after a 
backslash.

Quoting RFC 3501, http://tools.ietf.org/html/rfc3501#section-9:

: quoted          = DQUOTE *QUOTED-CHAR DQUOTE
: 
: QUOTED-CHAR     = <any TEXT-CHAR except quoted-specials> /
:                   "\" quoted-specials
: 
: quoted-specials = DQUOTE / "\"

In summary: fix the client.

-- 
Maxim Dounin
http://nginx.org/
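
Added example (not part of the original message and not nginx code): a Python sketch of the RFC 3501 `quoted` grammar cited above, showing the client-side escaping that makes the password from the thread valid on the wire. The function names are hypothetical, and `parse_quoted_lenient` is only a simplified model of the lenient behaviour the thread describes.

```python
# Added example: RFC 3501 "quoted" strings. Not nginx code.
PASSWORD = r',\REz=#tPc'       # password from the thread, as the user types it
WIRE_BAD = r'",\REz=#tPc"'     # what the client in the thread sent

def is_text_char(c):
    # TEXT-CHAR: 7-bit character other than NUL, CR, LF
    return 0x01 <= ord(c) <= 0x7F and c not in "\r\n"

def quote(value):
    """Client side: encode value as a quoted string, escaping quoted-specials."""
    out = []
    for c in value:
        if not is_text_char(c):
            # Not representable in quoted form; a literal is needed instead.
            raise ValueError("cannot be sent as a quoted string")
        out.append("\\" + c if c in '"\\' else c)
    return '"' + "".join(out) + '"'

def parse_quoted_strict(token):
    """Decode per the grammar; a backslash must precede DQUOTE or backslash."""
    if len(token) < 2 or token[0] != '"' or token[-1] != '"':
        raise ValueError("missing DQUOTE")
    body, out, i = token[1:-1], [], 0
    while i < len(body):
        c = body[i]
        if c == "\\":
            if i + 1 >= len(body) or body[i + 1] not in '"\\':
                raise ValueError("backslash not followed by a quoted-special")
            out.append(body[i + 1])
            i += 2
        elif c == '"' or not is_text_char(c):
            raise ValueError("invalid QUOTED-CHAR")
        else:
            out.append(c)
            i += 1
    return "".join(out)

def parse_quoted_lenient(token):
    """Simplified model of the behaviour described above: any character after
    a backslash is accepted and the backslash itself is dropped."""
    body, out, i = token[1:-1], [], 0
    while i < len(body):
        if body[i] == "\\" and i + 1 < len(body):
            i += 1
        out.append(body[i])
        i += 1
    return "".join(out)

if __name__ == "__main__":
    print(quote(PASSWORD))
    print(parse_quoted_lenient(WIRE_BAD))
```

With the backslash escaped by `quote`, both the strict and the lenient decoder recover the original password; the unescaped form is rejected by the strict decoder and silently loses the backslash in the lenient one.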
