[ python-Bugs-1016563 ] urllib2 bug in proxy auth
SourceForge.net
noreply at sourceforge.net
Wed Aug 24 22:33:50 CEST 2005
Bugs item #1016563, was opened at 2004-08-26 09:14
Message generated for change (Comment added) made by birkenfeld
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1016563&group_id=5470
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Python Library
Group: Python 2.4
>Status: Closed
>Resolution: Fixed
Priority: 6
Submitted By: Christoph Mussenbrock (mussenbrock)
>Assigned to: Reinhold Birkenfeld (birkenfeld)
Summary: urllib2 bug in proxy auth
Initial Comment:
in urllib2.py:
line 502 should be:
... user_pass = base64.encodestring('%s:%s' % (unquote
(user), unquote(password))).strip()
the '.strip()' is missing in the current version ("2.1").
this makes an additonal '\n' at the end of user_pass.
So there will be an empty line in the http header, which
is buggy.
(see also line 645, where the .strip() is right in place!).
Best regards,
Christoph
----------------------------------------------------------------------
>Comment By: Reinhold Birkenfeld (birkenfeld)
Date: 2005-08-24 22:33
Message:
Logged In: YES
user_id=1188172
Thanks for the report, committed as Lib/urllib2.py r1.85,
r1.77.2.2.
----------------------------------------------------------------------
Comment By: Pieter Van Dyck (pietervd)
Date: 2005-06-14 17:39
Message:
Logged In: YES
user_id=1240437
I've run into the same bug so allow me to comment.
client environment: windows XP
target: Apache/1.3.33 (Unix)
checked on: python 2.3.4, 2.3.5, 2.4.1
To reproduce:
# from urllib2 import ...
proxy = {"http":"http://user:pwd@proxy:port"}
opener =build_opener(ProxyHandler(proxy))
install_opener( opener )
req = Request(coolurl)
# construct
base64string = base64.encodestring('%s:%s' % (site_user,
site_pwd))[:-1]
authheader = "Basic %s" % base64string
req.add_header("Authorization", authheader)
urlopen( req )
Symptoms: authentication failed on coolurl (HTTPError 401)
Fix: Applying the patch solves the problem for me
It appears as if the receiving server treats the empty line
as the end of the header even though it strictly shouldn't.
HTH
Pieter
----------------------------------------------------------------------
Comment By: Paul Moore (pmoore)
Date: 2005-01-29 22:50
Message:
Logged In: YES
user_id=113328
The change was introduced by revision 1.32 of the file, from
patch 527518. There's no mention of removing strip() there,
so I suspect it was an accident.
The strip() is still missing in CVS HEAD. I can see the
problem, in theory (base64.encodestring returns a string
with a terminating newline). However, I cannot reproduce the
problem.
Can the original poster provide a means of verifying the
problem? It may be useful as a test case.
Regardless, the change seems harmless, and can probably be
applied. I attach a patch against CVS HEAD:
--- urllib2.py.orig 2005-01-09 05:51:49.000000000 +0000
+++ urllib2.py 2005-01-29 21:31:49.000000000 +0000
@@ -582,7 +582,8 @@
if ':' in user_pass:
user, password = user_pass.split(':', 1)
user_pass = base64.encodestring('%s:%s' %
(unquote(user),
-
unquote(password)))
+
unquote(password))
+ ).strip()
req.add_header('Proxy-authorization',
'Basic ' + user_pass)
host = unquote(host)
req.set_proxy(host, type)
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1016563&group_id=5470
More information about the Python-bugs-list
mailing list