Bugfix for leaking Proxy-Authorization header to remote host when using

tunneling
scrapy · Aug 8, 2014 · d8793af · d8793af
1 parent ed1f376
commit d8793af
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/scrapy/core/downloader/handlers/http11.py b/scrapy/core/downloader/handlers/http11.py
@@ -166,6 +166,8 @@ def download_request(self, request):
         url = urldefrag(request.url)[0]
         method = request.method
         headers = TxHeaders(request.headers)
+        if isinstance(agent, self._TunnelingAgent):
+            headers.removeHeader('Proxy-Authorization')
         bodyproducer = _RequestBodyProducer(request.body) if request.body else None
 
         start_time = time()