[Patches] [ python-Patches-1574068 ] urllib2 - Fix line breaks in authorization headers
SourceForge.net
noreply at sourceforge.net
Tue Oct 10 02:13:17 CEST 2006
Patches item #1574068, was opened at 2006-10-09 22:40
Message generated for change (Comment added) made by jjlee
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1574068&group_id=5470
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Library (Lib)
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: Scott Dial (geekmug)
Assigned to: Nobody/Anonymous (nobody)
Summary: urllib2 - Fix line breaks in authorization headers
Initial Comment:
urllib2 uses the wrong base64 encode function from the
base64 library. This patch corrects that.
Original bug report from "The Doctor What"
<docwhat+list.python-dev at gerf.org>
I found a bug in urllib2's handling of basic HTTP
authentication.
urllib2 uses the base64.encodestring() method to encode the
username:password.
The problem is that base64.encodestring() adds newlines
to wrap the
encoded characters at the 76th column.
This produces bogus request headers like this:
---------->8---------cut---------8<----------------
GET /some/url HTTP/1.1
Host: some.host
Accept-Encoding: identity
Authorization: Basic
cmVhbGx5bG9uZ3VzZXJuYW1lOmFuZXZlbmxvbmdlcnBhc3N3b3JkdGhhdGdvZXNvbmFuZG9uYW5k
b25hbmRvbmFuZG9u
User-agent: some-agent
---------->8---------cut---------8<----------------
----------------------------------------------------------------------
Comment By: John J Lee (jjlee)
Date: 2006-10-10 01:13
Message:
Logged In: YES
user_id=261020
urllib should also be fixed.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1574068&group_id=5470
More information about the Patches
mailing list