[issue19494] urllib2.HTTPBasicAuthHandler (or urllib.request.HTTPBasicAuthHandler) doesn't work with GitHub API v3 and similar
Matej Cepl
report at bugs.python.org
Mon Nov 4 20:26:53 CET 2013
Matej Cepl added the comment:
Also let me add from RFC 2617, end of section 2:
> A client MAY preemptively send the corresponding Authorization
> header with requests for resources in that space without
> receipt of another challenge from the server. Similarly, when
> a client sends a request to a proxy, it may reuse a userid and
> password in the Proxy-Authorization header field without
> receiving another challenge from the proxy server. See section
> 4 for security considerations associated with Basic
> authentication.
So sending "Authorization" in the introductory request is not
only performance hack, but it is also anticipated by RFC.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue19494>
_______________________________________
More information about the Python-bugs-list
mailing list