[issue13323] urllib2 does not correctly handle multiple www-authenticate headers in an HTTP response
David Fischer
report at bugs.python.org
Sun Nov 6 23:51:52 CET 2011
David Fischer <djfische at gmail.com> added the comment:
With this patch, the AbstractBasicAuthHandler (and its subclasses) performs a regex search on the amalgamated "www-authenticate" header for basic authentication.
This fixes the case where you have an HTTP response of the form:
HTTP/1.1 401 Authorization Required
Server: HTTPd/1.0
WWW-Authenticate: Basic realm="Secure Area"
WWW-Authenticate: SomethingElse realm="Alternative"
...
In the above case, AbstractBasicAuthHandler will attempt basic auth against the "Secure Area" realm.
----------
keywords: +patch
Added file: http://bugs.python.org/file23619/urllib2_basicauth.patch
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13323>
_______________________________________
More information about the Python-bugs-list
mailing list