From b724adbed095f9fd023f917f0257b9b9ad31eabb Mon Sep 17 00:00:00 2001
From: Vikas Kawadia
Date: Wed, 12 Oct 2016 09:37:24 -0700
Subject: [PATCH] Raise ValueError if BasicAuth login has a ":"
---
 CHANGES.rst | 2 ++
 CONTRIBUTORS.txt | 1 +
 aiohttp/helpers.py | 4 ++++
 tests/test_helpers.py | 5 +++++
 4 files changed, 12 insertions(+)
diff --git a/CHANGES.rst b/CHANGES.rst
index 6c71b36d9bc..0246e5a6875 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -231,3 +231,5 @@ CHANGES domains (BACKWARD INCOMPATIBLE) #1125 - Support binary Content-Transfer-Encoding #1169
+
+- Raise ValueError if BasicAuth login has a ":"
diff --git a/CONTRIBUTORS.txt b/CONTRIBUTORS.txt
index 453f7d00e94..21b30c336f6 100644
--- a/CONTRIBUTORS.txt
+++ b/CONTRIBUTORS.txt
@@ -138,3 +138,4 @@ Yusuke Tsutsumi Семён Марьясин Pau Freixes Alexey Firsov
+Vikas Kawadia
diff --git a/aiohttp/helpers.py b/aiohttp/helpers.py
index 6cbf534004a..caa1705720f 100644
--- a/aiohttp/helpers.py
+++ b/aiohttp/helpers.py
@@ -47,6 +47,10 @@ def __new__(cls, login, password='', encoding='latin1'): if password is None: raise ValueError('None is not allowed as password value')
+ if ':' in login:
+ raise ValueError(
+ 'A ":" is not allowed in login (RFC 1945#section-11.1)')
+ return super().__new__(cls, login, password, encoding) @classmethod
diff --git a/tests/test_helpers.py b/tests/test_helpers.py
index e658c046ff9..e0947981f3c 100644
--- a/tests/test_helpers.py
+++ b/tests/test_helpers.py
@@ -60,6 +60,11 @@ def test_basic_auth2(): helpers.BasicAuth('nkim', None)
+def test_basic_with_auth_colon_in_login():
+ with pytest.raises(ValueError):
+ helpers.BasicAuth('nkim:1', 'pwd')
+
+
 def test_basic_auth3(): auth = helpers.BasicAuth('nkim') assert auth.login == 'nkim'
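Review bot: The new `':' in login` guard in `aiohttp/helpers.py` carries no comment saying why a colon is rejected, and its message cites RFC 1945 section 11.1 (HTTP/1.0) although RFC 7617 section 2 is the current definition of Basic and states directly that a user-id containing a colon is invalid. I would add `# The receiver splits the decoded "login:password" at the first ':', so a colon in login would shift the boundary and change both values` above the check and point the message at RFC 7617. The `in` test also assumes `login` is a `str`: a `bytes` or `None` login would raise `TypeError` here rather than `ValueError`. `__new__` starts above the hunk, so a `login is None` guard may already cover the second case, but it is not visible in this diff.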
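Review bot: The test added in `tests/test_helpers.py` covers only the rejected case, so nothing pins that a colon in the password is still accepted, and a later change could widen the check to both fields without any test failing. I would add a companion test with `auth = helpers.BasicAuth('nkim', 'p:wd')` and `assert auth.password == 'p:wd'`. Passing `match=` to `pytest.raises` in the existing test would also confirm that the `ValueError` comes from the colon check and not from another guard in `__new__`.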