If the user/pass aren't escaped, the userinfo will be ambiguous and we
won't know where to split. We will accidentally get it right if the :
belongs in the password.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1481>
return;
}
+ /* Check that the first occurence is also the last occurence */
+ if (colon != g_strrstr (userinfo, ":"))
+ GST_WARNING ("userinfo %s contains more than one ':', will assume that the "
+ "first ':' delineates user:pass. You should escape the user and pass "
+ "before adding to the URI.", userinfo);
+
*user = g_strndup (userinfo, colon - userinfo);
*pass = g_strdup (&colon[1]);
}
goto out;
}
+ if (g_strrstr (split[1], ":") != NULL)
+ GST_WARNING_OBJECT (self, "userinfo %s contains more than one ':', will "
+ "assume that the first ':' delineates user:pass. You should escape "
+ "the user and pass before adding to the URI.", userinfo);
+
g_object_set (self, "username", split[0], "password", split[1], NULL);
g_strfreev (split);
}