Giters

containerd / nerdctl

contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

nerdctl login allows passing a username with a colon, which is forbidden by RFC 7617

apostasie opened this issue · comments

commented

Description

Since we do support Basic Auth, we might want to disallow usernames containing colons entirely, or maybe only when we know the registry implements BA.

I do appreciate that MAYBE the first option would break things for people using usernames with a colon, so, maybe we can instead just warn the user when we see one?

Steps to reproduce the issue

  1. nerdctl login
  2. type in a username with a colon

Describe the results you received and expected

If the registry is using basic-auth, authentication will not work.
We should just not try with something that violates the RFC.

What version of nerdctl are you using?

1.7.6

Are you using a variant of nerdctl? (e.g., Rancher Desktop)

None

Host information

No response