From a60e7ef939ba1cb3f62d766752c5343daf71a036 Mon Sep 17 00:00:00 2001
From: Sean McArthur <sean@seanmonstar.com>
Date: Mon, 26 Aug 2024 20:41:04 -0400
Subject: [PATCH] fix(ext/fetch): percent decode userinfo when parsing proxies

---
 ext/fetch/proxy.rs | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/ext/fetch/proxy.rs b/ext/fetch/proxy.rs
index 32a445d8b90a87..b06e0fb3595828 100644
--- a/ext/fetch/proxy.rs
+++ b/ext/fetch/proxy.rs
@@ -23,6 +23,7 @@ use hyper_util::client::legacy::connect::Connected;
 use hyper_util::client::legacy::connect::Connection;
 use hyper_util::rt::TokioIo;
 use ipnet::IpNet;
+use percent_encoding::percent_decode_str;
 use tokio::net::TcpStream;
 use tokio_rustls::client::TlsStream;
 use tokio_rustls::TlsConnector;
@@ -192,10 +193,12 @@ impl Target {
 
     if let Some((userinfo, host_port)) = authority.as_str().split_once('@') {
       let (user, pass) = userinfo.split_once(':')?;
+      let user = percent_decode_str(user).decode_utf8_lossy();
+      let pass = percent_decode_str(pass).decode_utf8_lossy();
       if is_socks {
         socks_auth = Some((user.into(), pass.into()));
       } else {
-        http_auth = Some(basic_auth(user, Some(pass)));
+        http_auth = Some(basic_auth(&user, Some(&pass)));
       }
       builder = builder.authority(host_port);
     } else {
@@ -773,6 +776,16 @@ fn test_proxy_parse_from_env() {
     _ => panic!("bad target"),
   }
 
+  // percent encoded user info
+  match parse("us%2Fer:p%2Fass@127.0.0.1:6666") {
+    Target::Http { dst, auth } => {
+      assert_eq!(dst, "http://127.0.0.1:6666");
+      let auth = auth.unwrap();
+      assert_eq!(auth.to_str().unwrap(), "Basic dXMvZXI6cC9hc3M=");
+    }
+    _ => panic!("bad target"),
+  }
+
   // socks
   match parse("socks5://user:pass@127.0.0.1:6666") {
     Target::Socks { dst, auth } => {