Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-19181

Cannot have an HTTP basic auth username / password longer than 64 characters

    XMLWordPrintable

Details

    • Incident report
    • Status: Open
    • Trivial
    • Resolution: Unresolved
    • 5.0.9
    • None
    • Frontend (F)
    • None

    Description

      Steps to reproduce:

      1. Create a HTTP agent item
      2. Change HTTP authentication to "Basic"
      3. Attempt to input either username or password exceeding 64 characters in length.
      4. (Additionally) Set a macro to the desired string, and use said macro in the username or pasword field of the item instead.

      Result:

      Field length is limited to 64 characters. Additional input is discarded. For anything that uses HTTP Basic usernames / passwords that exceed 64 characters, it's impossible to enter the entire string.

      (Addittionally) When a macro is used for the HTTP username / password, the resulting Basic authorization header omits a username / password that exceeds 64 characters in length. As an example, having an 80 character user and 80 character password will return a header who's value is "Og==", which decodes to ":".

      Expected:

      Field should allow inputting of strings longer than 64 characters for cases where a username / password exceed 64 characters in length (e.g., OPNsense's API key / API secret, which are 80 characters, hard-coded)

       

      (Additionally) When using a macro that exceeds 64 characters in length, the value should be included in the HTTP authorization header as usual, instead of being completely absent.

      Attachments

        Activity

          People

            agavrilovs Aleksandrs Petrovs-Gavrilovs
            Teknikal_Domain Jackson W
            Votes:
            4 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated: