From 0d449f61fca52905c08385ab1bed3fd1412555ad Mon Sep 17 00:00:00 2001
From: thc202 <thc202@gmail.com>
Date: Mon, 27 Oct 2025 16:28:31 +0000
Subject: [PATCH] Fix error importing context with auth script

Correct the conversion from/to map/string to ensure the script
parameters are properly exported/imported.

Signed-off-by: thc202 <thc202@gmail.com>
---
 .../org/zaproxy/zap/utils/EncodingUtils.java  |  5 +-
 .../zap/utils/EncodingUtilsUnitTest.java      | 69 +++++++++++++++++++
 zap/zap.gradle.kts                            |  1 +
 3 files changed, 74 insertions(+), 1 deletion(-)
 create mode 100644 zap/src/test/java/org/zaproxy/zap/utils/EncodingUtilsUnitTest.java

diff --git a/zap/src/main/java/org/zaproxy/zap/utils/EncodingUtils.java b/zap/src/main/java/org/zaproxy/zap/utils/EncodingUtils.java
index ad1fe3f15cf..5797ce3eee8 100644
--- a/zap/src/main/java/org/zaproxy/zap/utils/EncodingUtils.java
+++ b/zap/src/main/java/org/zaproxy/zap/utils/EncodingUtils.java
@@ -43,10 +43,13 @@ public static String mapToString(Map<String, String> map) {
 
     public static Map<String, String> stringToMap(String input) {
         Map<String, String> map = new HashMap<>();
+        if (input.isEmpty()) {
+            return map;
+        }
 
         String[] nameValuePairs = input.split("&");
         for (String nameValuePair : nameValuePairs) {
-            String[] nameValue = nameValuePair.split(":");
+            String[] nameValue = nameValuePair.split(":", 2);
             map.put(
                     new String(Base64.decodeBase64(nameValue[0])),
                     nameValue.length > 1 ? new String(Base64.decodeBase64(nameValue[1])) : "");
diff --git a/zap/src/test/java/org/zaproxy/zap/utils/EncodingUtilsUnitTest.java b/zap/src/test/java/org/zaproxy/zap/utils/EncodingUtilsUnitTest.java
new file mode 100644
index 00000000000..5d7298f6e3d
--- /dev/null
+++ b/zap/src/test/java/org/zaproxy/zap/utils/EncodingUtilsUnitTest.java
@@ -0,0 +1,69 @@
+/*
+ * Zed Attack Proxy (ZAP) and its related class files.
+ *
+ * ZAP is an HTTP/HTTPS proxy for assessing web application security.
+ *
+ * Copyright 2025 The ZAP Development Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.zaproxy.zap.utils;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.entry;
+
+import java.util.Map;
+import org.junit.jupiter.api.Test;
+
+class EncodingUtilsUnitTest {
+
+    @Test
+    void shouldEncodeEmptyMapToEmptyString() {
+        // Given
+        Map<String, String> input = Map.of();
+        // When
+        String result = EncodingUtils.mapToString(input);
+        // Then
+        assertThat(result).isEmpty();
+    }
+
+    @Test
+    void shouldEncodeEmptyMapEntryToEmptyPairString() {
+        // Given
+        Map<String, String> input = Map.of("", "");
+        // When
+        String result = EncodingUtils.mapToString(input);
+        // Then
+        assertThat(result).isEqualTo(":");
+    }
+
+    @Test
+    void shouldDecodeEmptyStringToEmptyMap() {
+        // Given
+        String input = "";
+        // When
+        Map<String, String> result = EncodingUtils.stringToMap(input);
+        // Then
+        assertThat(result).isEmpty();
+    }
+
+    @Test
+    void shouldDecodeEmptyPairStringToEmptyMapEntry() {
+        // Given
+        String input = ":";
+        // When
+        Map<String, String> result = EncodingUtils.stringToMap(input);
+        // Then
+        assertThat(result).contains(entry("", ""));
+    }
+}
diff --git a/zap/zap.gradle.kts b/zap/zap.gradle.kts
index 0000eebc679..c31c96e41fd 100644
--- a/zap/zap.gradle.kts
+++ b/zap/zap.gradle.kts
@@ -128,6 +128,7 @@ dependencies {
     testCompileOnly("com.google.code.findbugs:findbugs-annotations:3.0.1")
 
     testImplementation("net.bytebuddy:byte-buddy:1.17.4")
+    testImplementation("org.assertj:assertj-core:3.27.6")
     testImplementation("org.hamcrest:hamcrest-core:3.0")
     testImplementation("org.junit.jupiter:junit-jupiter:5.12.1")
     testRuntimeOnly("org.junit.platform:junit-platform-launcher")