Bug 344413

Summary: HTTP Basic authentication password is encoded as Latin-1 / ISO-8859-1
Product: [Frameworks and Libraries] frameworks-kio Reporter: Shane <shane>
Component: HTTPAssignee: Rolf Eike Beer <kde>
Status: CONFIRMED ---    
Severity: normal CC: adawit, ahartmetz, greg, kde, kdelibs-bugs-null, montel, mss
Priority: NOR    
Version First Reported In: 5.109.0   
Target Milestone: ---   
Platform: Debian unstable   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Shane 2015-02-20 23:13:24 UTC 
I've been trying to configure a DAV resource with Kontact that connects to an ownCloud server without success.

I figured out from inspecting the logs on the server that the password (which contains non-ASCII characters) is being transmitted encoded as Latin1, while the server expects UTF-8.

For what it's worth, Kmail works fine with the same password.

Reproducible: Always

Steps to Reproduce:
1. Set up a CardDAV or CalDAV account on a server that uses a password with non-ASCII characters.
2. Try to add this account in Kontact/KAddressBook

Actual Results:  
The CardDAV/CalDAV resource will fail to authenticate with the server, even though the password is correct, because of character encoding issues.

Expected Results:  
The CardDAV/CalDAV resource authenticates correctly.
Comment 1 Grégory Oestreicher 2015-08-20 21:37:04 UTC 
Yup, there's a conversion done in frameworks/kio/src/ioslaves/http/httpauthentication.cpp:386 so re-assigning to KIO.

However it seems that deciding on the character encoding is left to the browser, though the HTTP RFC seems to say that it must be ISO-8859-1 unless encoded as MIME according to RFC2047 but support for this is non-existent and it's left mostly to the implementer appreciation.
Comment 2 Malte S. Stretz 2023-09-03 14:55:48 UTC 
I stumbled upon this oldish bug by accident and supposed it was fixed by now by implementing RFC 7617 (https://www.rfc-editor.org/rfc/rfc7617#section-2.1).

But it looks like this is still not supported: https://invent.kde.org/frameworks/kio/-/blob/v5.109.0/src/kioworkers/http/httpauthentication.cpp?ref_type=tags#L380