Authorization parameter parsing fails on invalid value #2955

@ckoehn

Steps to reproduce

>>> from werkzeug.datastructures import Authorization
>>> Authorization.from_header("Digest =foo")
---------------------------------------------------------------------------
IndexError                                Traceback (most recent call last)
Cell In[2], line 1
----> 1 Authorization.from_header("Digest =foo")

File ~/Downloads/.venv/lib/python3.12/site-packages/werkzeug/datastructures/auth.py:114, in Authorization.from_header(cls, value)
    110     return cls(scheme, {"username": username, "password": password})
    112 if "=" in rest.rstrip("="):
    113     # = that is not trailing, this is parameters.
--> 114     return cls(scheme, parse_dict_header(rest), None)
    116 # No = or only trailing =, this is a token.
    117 return cls(scheme, None, rest)

File ~/Downloads/.venv/lib/python3.12/site-packages/werkzeug/http.py:371, in parse_dict_header(value)
    368 value = value.strip()
    369 encoding: str | None = None
--> 371 if key[-1] == "*":
    372     # key*=charset''value becomes key=value, where value is percent encoded
    373     # adapted from parse_options_header, without the continuation handling
    374     key = key[:-1]
    375     match = _charset_value_re.match(value)

IndexError: string index out of range

Expected behavior

Gracefully handle invalid inputs by skipping them

Environment

  • Python version: 3.12.7
  • Werkzeug version: 3.0.4
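
The behaviour requested above (skip an item such as `=foo` instead of raising), as an added stdlib-only sketch that is not Werkzeug's code or its fix. It follows the parameters-versus-token branch visible in the traceback; the function names `split_items`, `parse_auth_params` and `parse_authorization` are hypothetical.

```python
import re

# Header field "token" characters (RFC 9110, section 5.6.2).
_TOKEN_RE = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")


def split_items(value):
    """Split on commas that are outside double-quoted strings."""
    items, buf, quoted, escaped = [], [], False, False
    for ch in value:
        if escaped:
            escaped = False
        elif quoted and ch == "\\":
            escaped = True
        elif ch == '"':
            quoted = not quoted
        elif ch == "," and not quoted:
            items.append("".join(buf))
            buf = []
            continue
        buf.append(ch)
    items.append("".join(buf))
    return items


def parse_auth_params(rest):
    """Return {name: value}, skipping items whose name is empty or invalid."""
    params = {}
    for item in split_items(rest):
        key, sep, val = item.partition("=")
        key, val = key.strip(), val.strip()
        if not sep or not _TOKEN_RE.fullmatch(key):
            continue  # e.g. "=foo": no usable name, so drop the item
        if len(val) >= 2 and val[0] == val[-1] == '"':
            val = re.sub(r"\\(.)", r"\1", val[1:-1])  # unquote
        params[key.lower()] = val
    return params


def parse_authorization(header):
    """Return (scheme, params, token) for a header string, malformed or not."""
    scheme, _, rest = header.strip().partition(" ")
    rest = rest.strip()
    if "=" in rest.rstrip("="):
        # "=" that is not trailing: treat the rest as parameters.
        return scheme.lower(), parse_auth_params(rest), None
    # No "=" or only trailing "=": the rest is a single token.
    return scheme.lower(), None, rest
```

With this shape, the header from the report yields an empty parameter dict, so the caller can reject the credentials as incomplete rather than surfacing an unhandled exception.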
