You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Requests does not accept headers that are subclasses of string or byte.
They are required i.e. to obfuscate secrets in certain environments, so this is also a security related issue.
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/tmp/venv/lib64/python3.10/site-packages/requests/api.py", line 73, in get
return request("get", url, params=params, **kwargs)
File "/tmp/venv/lib64/python3.10/site-packages/requests/api.py", line 59, in request
return session.request(method=method, url=url, **kwargs)
File "/tmp/venv/lib64/python3.10/site-packages/requests/sessions.py", line 573, in request
prep = self.prepare_request(req)
File "/tmp/venv/lib64/python3.10/site-packages/requests/sessions.py", line 484, in prepare_request
p.prepare(
File "/tmp/venv/lib64/python3.10/site-packages/requests/models.py", line 369, in prepare
self.prepare_headers(headers)
File "/tmp/venv/lib64/python3.10/site-packages/requests/models.py", line 491, in prepare_headers
check_header_validity(header)
File "/tmp/venv/lib64/python3.10/site-packages/requests/utils.py", line 1037, in check_header_validity
raise InvalidHeader(
requests.exceptions.InvalidHeader: Header part (Hidden) from {'token': Hidden} must be of type str or bytes, not <class '__main__.Secret'>
Requests does not accept headers that are subclasses of string or byte.
They are required i.e. to obfuscate secrets in certain environments, so this is also a security related issue.
The issue was introduced by e36f345 at June this year by @nateprewitt
A possible fix is given in this PR #6230
Expected Result
Headers are used as they are string/byte.
Actual Result
Reproduction Steps
System Information
The text was updated successfully, but these errors were encountered: