FileZilla may submit wrong password for a anonymous account

[base10k]

When using the Quickconnect bar to connect to a server with the username "anonymous" it seems that FileZilla ignores the entered password and submits a default password.

Workarounds,

If you control the server:
- create the account with the username of "anon" instead of "anonymous".
- Configure the server to accept all passwords for an account with the username "anonymous" (not always preferable, anonymous does not mean open to all).
- Change the password of the account to match FileZilla's default anonymous password (same problem as above, this would give access to everyone using FileZilla).

If you only control the client:
- Add the account into the Site manager and select the logontype "normal", this will cause your password to be written to disk in cleartext, not preferable on shared computers (easily recovered even if deleted, unless you 'shred' the file or it is overwritten)

Notes:
FileZilla version: 3.1.2 (Linux AMD64).
I was connecting to an account using sftp. (the server was openSSH's internal-sftp, version 5.1)

[buzzard]

I'm able to replicate the same issue with version 3.2.2.1 while setting up vsftpd to use white listed anonymous logins.

My 20c bet is on line 203 in CServer::ParseUrl() ( src/engine/server.cpp)

[JNKCoetzee]

Patch for Ticket #4206

[JNKCoetzee]

Added the attached patch.

Now checks if password is blank too, before assuming logonType = ANONYMOUS.

[KDJ]

Looks good, will have to wait and see if it makes a release, might take some time though

[codesquid]

Thanks for the patch.

I've made a couple of changes so that empty username is still handled correctly.