dotnet · stephentoub · Nov 3, 2021 · Nov 2, 2021 · Nov 2, 2021 · Nov 3, 2021
diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs
@@ -203,7 +203,7 @@ public static IEnumerable<object[]> Authentication_TestData()
         {
             yield return new object[] { "Basic realm=\"testrealm\"", true };
             yield return new object[] { "Basic ", true };
-            yield return new object[] { "Basic realm=withoutquotes", true };
+            yield return new object[] { "Basic realm=PLACEHOLDERwithoutquotes", true };
             yield return new object[] { "basic ", true };
             yield return new object[] { "bAsiC ", true };
             yield return new object[] { "basic", true };

diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.RemoteServer.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.RemoteServer.cs
@@ -136,7 +136,7 @@ public async Task GetAsync_ServerNeedsBasicAuthAndSetDefaultCredentials_StatusCo
             handler.Credentials = CredentialCache.DefaultCredentials;
             using (HttpClient client = CreateHttpClientForRemoteServer(remoteServer, handler))
             {
-                Uri uri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);
+                Uri uri = remoteServer.BasicAuthUriForCreds(Username, Password);
                 using (HttpResponseMessage response = await client.GetAsync(uri))
                 {
                     Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
@@ -153,7 +153,7 @@ public async Task GetAsync_ServerNeedsAuthAndSetCredential_StatusCodeOK(Configur
             handler.Credentials = _credential;
             using (HttpClient client = CreateHttpClientForRemoteServer(remoteServer, handler))
             {
-                Uri uri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);
+                Uri uri = remoteServer.BasicAuthUriForCreds(Username, Password);
                 using (HttpResponseMessage response = await client.GetAsync(uri))
                 {
                     Assert.Equal(HttpStatusCode.OK, response.StatusCode);
@@ -167,7 +167,7 @@ public async Task GetAsync_ServerNeedsAuthAndNoCredential_StatusCodeUnauthorized
         {
             using (HttpClient client = CreateHttpClientForRemoteServer(remoteServer))
             {
-                Uri uri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);
+                Uri uri = remoteServer.BasicAuthUriForCreds(Username, Password);
                 using (HttpResponseMessage response = await client.GetAsync(uri))
                 {
                     Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
@@ -1033,7 +1033,7 @@ public async Task GetAsync_AllowAutoRedirectTrue_RedirectToUriWithParams_Request
         {
             HttpClientHandler handler = CreateHttpClientHandler();
             handler.AllowAutoRedirect = true;
-            Uri targetUri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);
+            Uri targetUri = remoteServer.BasicAuthUriForCreds(Username, Password);
             using (HttpClient client = CreateHttpClientForRemoteServer(remoteServer, handler))
             {
                 Uri uri = remoteServer.RedirectUriForDestinationUri(
@@ -1133,8 +1133,8 @@ public async Task GetAsync_CredentialIsNetworkCredentialUriRedirect_StatusCodeUn
             {
                 Uri redirectUri = remoteServer.RedirectUriForCreds(
                     statusCode: 302,
-                    userName: Username,
-                    password: Password);
+                    Username,
+                    Password);
                 using (HttpResponseMessage unAuthResponse = await client.GetAsync(redirectUri))
                 {
                     Assert.Equal(HttpStatusCode.Unauthorized, unAuthResponse.StatusCode);
@@ -1153,15 +1153,15 @@ public async Task HttpClientHandler_CredentialIsNotCredentialCacheAfterRedirect_
             {
                 Uri redirectUri = remoteServer.RedirectUriForCreds(
                     statusCode: 302,
-                    userName: Username,
-                    password: Password);
+                    Username,
+                    Password);
                 using (HttpResponseMessage unAuthResponse = await client.GetAsync(redirectUri))
                 {
                     Assert.Equal(HttpStatusCode.Unauthorized, unAuthResponse.StatusCode);
                 }
 
                 // Use the same handler to perform get request, authentication should succeed after redirect.
-                Uri uri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);
+                Uri uri = remoteServer.BasicAuthUriForCreds(Username, Password);
                 using (HttpResponseMessage authResponse = await client.GetAsync(uri))
                 {
                     Assert.Equal(HttpStatusCode.OK, authResponse.StatusCode);
@@ -1180,11 +1180,11 @@ public async Task GetAsync_CredentialIsCredentialCacheUriRedirect_StatusCodeOK(C
                 return;
             }
 
-            Uri uri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);
+            Uri uri = remoteServer.BasicAuthUriForCreds(Username, Password);
             Uri redirectUri = remoteServer.RedirectUriForCreds(
                 statusCode: statusCode,
-                userName: Username,
-                password: Password);
+                Username,
+                Password);
             _output.WriteLine(uri.AbsoluteUri);
             _output.WriteLine(redirectUri.AbsoluteUri);
             var credentialCache = new CredentialCache();

diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs
@@ -399,7 +399,7 @@ public async Task PostAsync_ManyDifferentRequestHeaders_SentCorrectly()
             }
 
             const string content = "hello world";
-
+            string authSafeValue = "QWxhZGRpbjpvcGVuIHNlc2FtZQ==";
             // Using examples from https://en.wikipedia.org/wiki/List_of_HTTP_header_fields#Request_fields
             // Exercises all exposed request.Headers and request.Content.Headers strongly-typed properties
             await LoopbackServerFactory.CreateClientAndServerAsync(async uri =>
@@ -421,7 +421,7 @@ await LoopbackServerFactory.CreateClientAndServerAsync(async uri =>
                     request.Headers.Add("Access-Control-Request-Method", "GET");
                     request.Headers.Add("Access-Control-Request-Headers", "GET");
                     request.Headers.Add("Age", "12");
-                    request.Headers.Authorization = new AuthenticationHeaderValue("Basic", "QWxhZGRpbjpvcGVuIHNlc2FtZQ==");
+                    request.Headers.Authorization = new AuthenticationHeaderValue("Basic", authSafeValue);
                     request.Headers.CacheControl = new CacheControlHeaderValue() { NoCache = true };
                     request.Headers.Connection.Add("close");
                     request.Headers.Add("Cookie", "$Version=1; Skin=new");
@@ -444,7 +444,7 @@ await LoopbackServerFactory.CreateClientAndServerAsync(async uri =>
                     request.Headers.MaxForwards = 10;
                     request.Headers.Add("Origin", "http://www.example-social-network.com");
                     request.Headers.Pragma.Add(new NameValueHeaderValue("no-cache"));
-                    request.Headers.ProxyAuthorization = new AuthenticationHeaderValue("Basic", "QWxhZGRpbjpvcGVuIHNlc2FtZQ==");
+                    request.Headers.ProxyAuthorization = new AuthenticationHeaderValue("Basic", authSafeValue);
                     request.Headers.Range = new RangeHeaderValue(500, 999);
                     request.Headers.Referrer = new Uri("http://en.wikipedia.org/wiki/Main_Page");
                     request.Headers.TE.Add(new TransferCodingWithQualityHeaderValue("trailers"));
@@ -504,15 +504,15 @@ await LoopbackServerFactory.CreateClientAndServerAsync(async uri =>
                         Assert.Equal("GET", requestData.GetSingleHeaderValue("Access-Control-Request-Headers"));
                     }
                     Assert.Equal("12", requestData.GetSingleHeaderValue("Age"));
-                    Assert.Equal("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", requestData.GetSingleHeaderValue("Authorization"));
+                    Assert.Equal($"Basic {authSafeValue}", requestData.GetSingleHeaderValue("Authorization"));
                     Assert.Equal("no-cache", requestData.GetSingleHeaderValue("Cache-Control"));
                     if (PlatformDetection.IsNotBrowser)
                     {
                         Assert.Equal("$Version=1; Skin=new", requestData.GetSingleHeaderValue("Cookie"));
                         Assert.Equal("Tue, 15 Nov 1994 08:12:31 GMT", requestData.GetSingleHeaderValue("Date"));
                         Assert.Equal("100-continue", requestData.GetSingleHeaderValue("Expect"));
                         Assert.Equal("http://www.example-social-network.com", requestData.GetSingleHeaderValue("Origin"));
-                        Assert.Equal("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", requestData.GetSingleHeaderValue("Proxy-Authorization"));
+                        Assert.Equal($"Basic {authSafeValue}", requestData.GetSingleHeaderValue("Proxy-Authorization"));
                         Assert.Equal("Mozilla/5.0", requestData.GetSingleHeaderValue("User-Agent"));
                         Assert.Equal("http://en.wikipedia.org/wiki/Main_Page", requestData.GetSingleHeaderValue("Referer"));
                         Assert.Equal("MyTrailer", requestData.GetSingleHeaderValue("Trailer"));