Getting a 401 from requests.get, but not when logging in via the browser.
Eli the Bearded
* at eli.users.panix.com
Mon Apr 20 15:18:48 EDT 2020
In comp.lang.python, <dcwhatthe at gmail.com> wrote:
> However, one of them immediately returns a 401. I'm using the exact
> same credentials to check this site, as when loggin in.
>
> Also, interestingly, it returns the 401 right away. I tried setting the
> timeout value for a ridiculously long time, but it passes the 401 return
> immediately.
The timeout presumably is how long to wait for a reply. When the
site replies 401 immediately, it's never even bumping up to the
timeout.
> Am I misunderstanding the meaning of the timeout parameter?
What do you think it is doing?
> The line in question is
> request = requests.get(ip_s,timeout=5000, verify = False, auth
> =HTTPBasicAuth( user_id_s, pw_s))
Are you sure the site is using HTTPBasicAuth()? Because if it's not,
that would explain how the same credentials can fail. (It could also
be something else, like a site returning "401 Unauthorized" because
it doesn't like your User-Agent.)
I use "AuthType Digest" on some of my websites. It's not great, but
it's TONS better than basic auth, which sends passwords basically
in the clear.
https://en.wikipedia.org/wiki/Digest_access_authentication
In my browser, Digest authentication looks the same GUI-wise as Basic
authentication. The differences are all under the hood.
Elijah
------
digest auth is not as well supported by clients or servers
More information about the Python-list
mailing list