[New-bugs-announce] [issue7159] Urllib2 authentication memory.
report at bugs.python.org
Sat Oct 17 17:32:39 CEST 2009
New submission from Brad Olson <brado at movedbylight.com>:
For each request requiring HTTP authentication, urllib2 submits the
request without authentication, receives the server's 401
error/challenge, then re-submits the request with authentication.
This is compliant behavior. The problem comes in that urllib2 repeats
this for every ensuing request to the same namespace.
At times this is just an inefficiency--every request gets sent twice,
often with POST data (which can be sizeable).
Sometimes, especially with large POST bodies, this causes a connection
(Mercurial suffers greatly from this (and I have suggested workaround to
This isn't non-compliant behavior, but RFC2617 (sections 2, 3.3)
suggests that once an HTTP client authenticates, it pre-emptively send
authentication with ensuing requests.
More analysis and fix suggestions at
components: Library (Lib)
title: Urllib2 authentication memory.
versions: Python 2.6
Python tracker <report at bugs.python.org>
More information about the New-bugs-announce