Don't percent-encode periods in usernames in WebDAV requests

For some reason nsIURL encodes periods in usernames, even though RFC3986 says not to [1]. (It also says servers should normalize them, and most seem to, but apparently not all [2].) [1] https://tools.ietf.org/html/rfc3986#section-2.3 [2] https://forums.zotero.org/discussion/73127/zotero-will-convert-the-into-2e-in-the-name-of-the-webdav
2018-08-09 15:11:58 -04:00 · 2018-08-09 15:11:58 -04:00 · 276bb99fc9
commit 276bb99fc9
parent 3070af0dc8
1 changed files with 16 additions and 5 deletions
--- a/chrome/content/zotero/xpcom/http.js
+++ b/chrome/content/zotero/xpcom/http.js
@ -123,12 +123,23 @@ Zotero.HTTP = new function() {
 	 */
 	this.request = Zotero.Promise.coroutine(function* (method, url, options = {}) {
 		if (url instanceof Components.interfaces.nsIURI) {
-			// Don't display password in console
-			var dispURL = this.getDisplayURI(url).spec;
+			// Extract username and password from URI and undo Mozilla's excessive percent-encoding
+			options.username = url.username || null;
+			if (options.username) {
+				options.username = options.username.replace(/%2E/, '.');
+				options.password = url.password || null;
+				url = url.clone();
+				url.userPass = '';
+			}
+			
 			url = url.spec;
 		}
-		else {
-			var dispURL = url;
+		
+		var dispURL = url;
+		
+		// Add username:******** to display URL
+		if (options.username) {
+			dispURL = dispURL.replace(/^(https?:\/\/)/, `$1${options.username}:********@`);
 		}
 		
 		// Don't display API key in console
@ -173,7 +184,7 @@ Zotero.HTTP = new function() {
 		if (!options.foreground) {
 			xmlhttp.mozBackgroundRequest = true;
 		}
-		xmlhttp.open(method, url, true);
+		xmlhttp.open(method, url, true, options.username, options.password);
 		
 		// Pass the request to a callback
 		if (options.requestObserver) {