Browse Source
Fix email header base64 padding (#6961 )
Newer versions of the Bitwarden client use Base64 with padding.
Since this is not a streaming string, but a defined length, we can just strip the `=` chars.
Fixes #6960
Signed-off-by: BlackDex <black.dex@gmail.com>
Mathijs van Veluw
6 days ago
GitHub
GPG Key ID:
1 changed files with
5 additions and
0 deletions
src/api/core/accounts.rs
@ -1328,6 +1328,11 @@ impl<'r> FromRequest<'r> for KnownDevice {
async fn from_request ( req : & 'r Request < '_ > ) -> Outcome < Self , Self ::Error > { async fn from_request ( req : & 'r Request < '_ > ) -> Outcome < Self , Self ::Error > {
let email = if let Some ( email_b64 ) = req . headers ( ) . get_one ( "X-Request-Email" ) { let email = if let Some ( email_b64 ) = req . headers ( ) . get_one ( "X-Request-Email" ) {
// Bitwarden seems to send padded Base64 strings since 2026.2.1
// Since these values are not streamed and Headers are always split by newlines
// we can safely ignore padding here and remove any '=' appended.
let email_b64 = email_b64 . trim_end_matches ( '=' ) ;
let Ok ( email_bytes ) = data_encoding ::BASE64URL_NOPAD . decode ( email_b64 . as_bytes ( ) ) else { let Ok ( email_bytes ) = data_encoding ::BASE64URL_NOPAD . decode ( email_b64 . as_bytes ( ) ) else {
return Outcome ::Error ( ( Status ::BadRequest , "X-Request-Email value failed to decode as base64url" ) ) ; return Outcome ::Error ( ( Status ::BadRequest , "X-Request-Email value failed to decode as base64url" ) ) ;
} ; } ;
Mathijs van Veluw
6 days ago
GitHub