Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing authorization header with tarball URL + basic auth #7371

Closed
2 of 4 tasks
MKRhere opened this issue Dec 2, 2023 · 3 comments · Fixed by #7376
Closed
2 of 4 tasks

Missing authorization header with tarball URL + basic auth #7371

MKRhere opened this issue Dec 2, 2023 · 3 comments · Fixed by #7376
Labels
type: bug

Comments

@MKRhere
Copy link

MKRhere commented Dec 2, 2023
edited

Verify latest release

  • I verified that the issue exists in the latest pnpm release

pnpm version

8.11.0

Which area(s) of pnpm are affected? (leave empty if unsure)

CLI, Package manager compatibility

Reproduction steps

Run a server that echoes req.headers, such as

import { createServer } from "node:http";

createServer((req, res) => {
	console.log(req.headers);
	res.end();
}).listen(3000);

pnpm add with a secret in the URL:

pnpm add http://secret:user@localhost:3000/pkg

Describe the Bug

The secret is not delivered to the server via an authorization header as it is supposed to be.

Expected Behavior

npm and yarn deliver the token correctly, as the header:

authorization: 'Basic c2VjcmV0OnVzZXI='

which decodes to "secret:user" as expected. pnpm should do the same.

Which Node.js version are you using?

v20.8.1

Which operating systems have you used?

  • macOS
  • Windows
  • Linux

If your OS is a Linux based, which one it is? (Include the version if relevant)

Debian GNU/Linux 12 (bookworm) x86_64 (kernel 6.1.0-13-amd64)
@MKRhere MKRhere mentioned this issue Dec 2, 2023
Open
@KSXGitHub
Copy link
Contributor

One small correction, it should be user:secret, not secret:user. You can confirm it by new URL() on your browser console. (I wasted time debugging this mistake)

KSXGitHub added a commit that referenced this issue Dec 5, 2023
@KSXGitHub
feat: support basic auth header
6d9b772 
Resolves #7371
@KSXGitHub KSXGitHub mentioned this issue Dec 5, 2023
Merged
@MKRhere
Copy link
Author

MKRhere commented Dec 5, 2023
edited

Sorry, that's my bad! It was a typo. Thanks for the PR ❤️

@KSXGitHub
Copy link
Contributor

@MKRhere No worries. I have created a PR: #7376

zkochan added a commit that referenced this issue Dec 5, 2023
@KSXGitHub @zkochan
feat(network): basic auth header (#7376)
3ac0487 
close #7371

---------

Co-authored-by: Zoltan Kochan <z@kochan.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(network): basic auth header pnpm/pnpm
2 participants
@KSXGitHub @MKRhere