mirror of
https://github.com/ZoneMinder/zoneminder.git
synced 2026-06-21 12:09:31 -04:00
74ffa45c7e
The credential-handling rewrite of the address captured only the host ([^:/]+) and rebuilt the address without the port or path, and the http/https branches below then forced the port to 80/443 regardless of what the operator configured. Any ControlAddress with credentials and a non-standard port resolved to port 80. Capture the full remainder after the @ so port and path survive, and take the port from URI->port() which returns the explicit port or the scheme default. The pre-escape applied to legacy non-url-encoded passwords also escaped % itself, so a url-encoded password (e.g. %40 for @) round-tripped still encoded instead of decoding, and ua->credentials() then received the wrong password for basic auth. Leave % unescaped so encoded passwords decode while legacy raw passwords still pass through unchanged. Verified with parse_ControlAddress over: plain credentials with default and non-standard ports, url-encoded @ in password, legacy raw passwords containing space and literal %, full URL with path, credential-less host:port, and https default port. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>