New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
urllib2 AuthHandlers can pass a bad host to HTTPPasswordMgr #39958
Comments
If the Request object being used returns a URI with a If Request.get_full_url() or Request.get_host() returns |
Logged In: YES I've made up a file with some source code and comments that |
Logged In: YES Here's a sample of the problem... |
Logged In: YES I ran into this problem today with Python 2.3.3 on RedHat 9. ie: authinfo = urllib2.HTTPPasswordMgrWithDefaultRealm()
authinfo.add_password(None, host, userid, password)
authHandler = urllib2.HTTPBasicAuthHandler(authinfo)
opener = urllib2.build_opener(authHandler) where host = "http://localhost:7993" I've tested the proposed fix shown in urllib2_bug.py at line 31, class HTTPBasicAuthHandlerF(AbstractBasicAuthHandler,
BaseHandler):
auth_header = 'Authorization'
def http_error_401(self, req, fp, code, msg, headers):
host = req.get_full_url()
return self.http_error_auth_reqed('www-authenticate',
host, req, headers) This appears to have corrected the problem. test_urllib2.py and test_urllib.py both pass after making |
Logged In: YES This is fixed by patch 1470846, which includes tests and doc |
Logged In: YES Fixed with commit of patch 1470846. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: