diff --git a/RELEASENOTES.md b/RELEASENOTES.md index 1801e82250..32d90d50ee 100644 --- a/RELEASENOTES.md +++ b/RELEASENOTES.md @@ -48,6 +48,8 @@ ([#9346](https://github.com/google/ExoPlayer/issues/9346)). * Fix RTSP Session header handling ([#9416](https://github.com/google/ExoPlayer/issues/9416)). + * Fix RTSP WWW-Authenticate header parsing + ([#9428](https://github.com/google/ExoPlayer/issues/9428)). * UI: * Use `defStyleAttr` when obtaining styled attributes in `StyledPlayerView`, `PlayerView` and `PlayerControlView` diff --git a/library/rtsp/src/main/java/com/google/android/exoplayer2/source/rtsp/RtspMessageUtil.java b/library/rtsp/src/main/java/com/google/android/exoplayer2/source/rtsp/RtspMessageUtil.java index cb969bf374..a7d9227cfe 100644 --- a/library/rtsp/src/main/java/com/google/android/exoplayer2/source/rtsp/RtspMessageUtil.java +++ b/library/rtsp/src/main/java/com/google/android/exoplayer2/source/rtsp/RtspMessageUtil.java @@ -99,13 +99,13 @@ import java.util.regex.Pattern; // WWW-Authenticate header pattern, see RFC2068 Sections 14.46 and RFC2069. private static final Pattern WWW_AUTHENTICATION_HEADER_DIGEST_PATTERN = Pattern.compile( - "Digest realm=\"([\\w\\s@.]+)\"" - + ",\\s?(?:domain=\"(.+)\",\\s?)?" - + "nonce=\"(\\w+)\"" - + "(?:,\\s?opaque=\"(\\w+)\")?"); + "Digest realm=\"([^\"\\x00-\\x08\\x0A-\\x1f\\x7f]+)\"" + + ",\\s?(?:domain=\"(.+)\"" + + ",\\s?)?nonce=\"([^\"\\x00-\\x08\\x0A-\\x1f\\x7f]+)\"" + + "(?:,\\s?opaque=\"([^\"\\x00-\\x08\\x0A-\\x1f\\x7f]+)\")?"); // WWW-Authenticate header pattern, see RFC2068 Section 11.1 and RFC2069. private static final Pattern WWW_AUTHENTICATION_HEADER_BASIC_PATTERN = - Pattern.compile("Basic realm=\"([\\w\\s@.]+)\""); + Pattern.compile("Basic realm=\"([^\"\\x00-\\x08\\x0A-\\x1f\\x7f]+)\""); private static final String RTSP_VERSION = "RTSP/1.0"; private static final String LF = new String(new byte[] {Ascii.LF}); diff --git a/library/rtsp/src/test/java/com/google/android/exoplayer2/source/rtsp/RtspMessageUtilTest.java b/library/rtsp/src/test/java/com/google/android/exoplayer2/source/rtsp/RtspMessageUtilTest.java index 9230c335cd..47e4d98157 100644 --- a/library/rtsp/src/test/java/com/google/android/exoplayer2/source/rtsp/RtspMessageUtilTest.java +++ b/library/rtsp/src/test/java/com/google/android/exoplayer2/source/rtsp/RtspMessageUtilTest.java @@ -452,10 +452,10 @@ public final class RtspMessageUtilTest { @Test public void parseWWWAuthenticateHeader_withBasicAuthentication_succeeds() throws Exception { RtspAuthenticationInfo authenticationInfo = - RtspMessageUtil.parseWwwAuthenticateHeader("Basic realm=\"WallyWorld\""); + RtspMessageUtil.parseWwwAuthenticateHeader("Basic realm=\"Wally - World\""); assertThat(authenticationInfo.authenticationMechanism).isEqualTo(RtspAuthenticationInfo.BASIC); assertThat(authenticationInfo.nonce).isEmpty(); - assertThat(authenticationInfo.realm).isEqualTo("WallyWorld"); + assertThat(authenticationInfo.realm).isEqualTo("Wally - World"); } @Test @@ -463,13 +463,13 @@ public final class RtspMessageUtilTest { throws Exception { RtspAuthenticationInfo authenticationInfo = RtspMessageUtil.parseWwwAuthenticateHeader( - "Digest realm=\"testrealm@host.com\", domain=\"host.com\"," + "Digest realm=\"test-realm@host.com\", domain=\"host.com\"," + " nonce=\"dcd98b7102dd2f0e8b11d0f600bfb0c093\", " + " opaque=\"5ccc069c403ebaf9f0171e9517f40e41\""); assertThat(authenticationInfo.authenticationMechanism).isEqualTo(RtspAuthenticationInfo.DIGEST); assertThat(authenticationInfo.nonce).isEqualTo("dcd98b7102dd2f0e8b11d0f600bfb0c093"); - assertThat(authenticationInfo.realm).isEqualTo("testrealm@host.com"); + assertThat(authenticationInfo.realm).isEqualTo("test-realm@host.com"); assertThat(authenticationInfo.opaque).isEmpty(); }