[Patches] [ python-Patches-1480067 ] urllib2 digest auth redirection bug causes 400 error
SourceForge.net
noreply at sourceforge.net
Tue May 2 00:35:47 CEST 2006
Patches item #1480067, was opened at 2006-05-01 23:35
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1480067&group_id=5470
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Library (Lib)
Group: Python 2.5
Status: Open
Resolution: None
Priority: 5
Submitted By: John J Lee (jjlee)
Assigned to: Nobody/Anonymous (nobody)
Summary: urllib2 digest auth redirection bug causes 400 error
Initial Comment:
urllib2 redirects HTTP digest authorisation
credentials, which is never useful (because the
redirection will change the digest), and may cause a
400 error if for example the handler finds credentials
for an initial request, but fails to finds credentials
for a redirected request. In that case a stale
Authorization or Proxy-authorization header will get
returned to the server, causing a 400 error.
I've verified this makes the 400 go away for example in
the case where http://localhost/foo gets 301 redirected
to http://127.0.0.1/foo/ (i.e. with a slash on the
end), where I've only added username/password for
"localhost" and not "127.0.0.1".
The fix is trivial.
2.4 backport candidate.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1480067&group_id=5470
More information about the Patches
mailing list