[issue8843] urllib2 Digest Authorization uri must match request URI
Demian Brecht
report at bugs.python.org
Fri Jul 18 17:05:39 CEST 2014
Demian Brecht added the comment:
FWIW, here's my take on this:
RFC 2617 (3.2.2.5) states: This may be "*", an "absoluteURL" or an "abs_path" as specified in section 5.1.2 of [2], but it MUST agree with the Request-URI.
Note: It must AGREE.
RFC 3986 (6.2.3) states: In general, a URI that uses the generic syntax for authority with an empty path should be normalized to a path of "/".
In my mind, this normalization should actually happen server-side, not client as the patch is suggesting.
Additionally, should the logic in the supplied patch be applied, it would be inconsistent with any other than an empty path:
http://example.com -> /
http://example.com/foo -> /foo
I would close this as won't fix.
Side note: get_selector was deprecated in 3.3 and removed in 3.4 in favour of the Request.selector attribute.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue8843>
_______________________________________
More information about the Python-bugs-list
mailing list