Correct ldap username validation. (#2880)
PR #342 was only partially applied. Spaces should not be at the start and end of a username but they can be inside.
This commit is contained in:
parent
134958fd9f
commit
f94e6fd7a5
@ -69,7 +69,7 @@ func (ls *Source) sanitizedUserQuery(username string) (string, bool) {
|
||||
|
||||
func (ls *Source) sanitizedUserDN(username string) (string, bool) {
|
||||
// See http://tools.ietf.org/search/rfc4514: "special characters"
|
||||
badCharacters := "\x00()*\\,='\"#+;<> "
|
||||
badCharacters := "\x00()*\\,='\"#+;<>"
|
||||
if strings.ContainsAny(username, badCharacters) {
|
||||
log.Debug("'%s' contains invalid DN characters. Aborting.", username)
|
||||
return "", false
|
||||
|
Loading…
Reference in New Issue
Block a user