Dont sent plaintext password in requests and use subsonic hex-encoding with legacy auth

2017-11-25 18:14:41 +01:00 · 2017-11-25 18:14:41 +01:00 · 4429451454
parent 313b413fc5
commit 4429451454
1 changed files with 2 additions and 1 deletions
--- a/lib/libsonic_extra/init.py
+++ b/lib/libsonic_extra/init.py
@ -293,7 +293,8 @@ class SubsonicClient(libsonic.Connection):
            parts = list(urlparse.urlparse(
                args[0].get_full_url() + "?" + args[0].data))
            parts[4] = dict(urlparse.parse_qsl(parts[4]))
-            parts[4].update({"u": self.username, "p": self.password})
+            if self._legacyAuth:
+                parts[4].update({"u": self.username, "p": 'enc:%s' % self._hexEnc(self._rawPass)})
            parts[4] = urllib.urlencode(parts[4])

            return urlparse.urlunparse(parts)