This is my first stab at contributing to this list. I'm writing to lobby for bug #8797's fix to be removed and for my fix to put in in its place. I'm probably doing this wrong, so please bear with me. I will embrace whatever scathing criticism I get.
The ticket covers all the details (http://bugs.python.org/issue8797#) but I'll try to summarize here:
In 2.6.5, urllib2 had a small regression that caused HTTP 401 errors to trigger an infinite recursion when the request handler had HTTP Auth credentials that the server was rejecting.
Previously, urllib2 avoided this loop by checking the previous request's headers to see if it had already tried the credentials it was about to try. If it had, it would re-raise the exception instead of trying again.
The current fix adds a "max retries" concept to urllib2's handling of HTTP 401 errors so that the code will only retry a certain number of times.
To me, the original logic of only trying once for each set of credentials was sound, and it looks like the only reason this stopped working was that in 2.6.5 the auth header wasn't being stored in the same place as the code was expecting to find it.
I think it makes sense to revisit this issue and swap out the existing fix for my fix because it's tidier and doesn't introduce this new "max retries" functionality.
Please let me know what you think.
On Thu, Feb 3, 2011 at 2:13 AM, Alexander Belopolsky firstname.lastname@example.org wrote:
On Wed, Feb 2, 2011 at 10:55 AM, Sam Bull email@example.com wrote:
.. I'm writing to lobby for bug #8797's fix to be removed and for my fix to put in in its place.
Please open a separate issue for your patch. Patches attached to closed issues will be lost.
Antoine reopened it, so that shouldn't be an issue.
On Wed, Feb 2, 2011 at 5:55 PM, Sam Bull firstname.lastname@example.org wrote:
This is my first stab at contributing to this list. I'm writing to lobby for bug #8797's fix to be removed and for my fix to put in in its place.
For what it's worth, I was already about to include your patch as a workaround for the bug in 2.6. See Bitten issue http://bitten.edgewall.org/ticket/658.
I also consider Sam's patch to be a cleaner patch than the one that ended up being applied in Python. See my comments in the Bitten mailing list thread: https://groups.google.com/forum/#%21topic/bitten/niJENqEGuus.