[Python-checkins] r61711 - in python/trunk: Lib/test/test_urllib2.py Lib/urllib2.py Misc/NEWS
georg.brandl
python-checkins at python.org
Fri Mar 21 20:54:01 CET 2008
Author: georg.brandl
Date: Fri Mar 21 20:54:00 2008
New Revision: 61711
Modified:
python/trunk/Lib/test/test_urllib2.py
python/trunk/Lib/urllib2.py
python/trunk/Misc/NEWS
Log:
#2136: allow single quotes in realm spec.
Modified: python/trunk/Lib/test/test_urllib2.py
==============================================================================
--- python/trunk/Lib/test/test_urllib2.py (original)
+++ python/trunk/Lib/test/test_urllib2.py Fri Mar 21 20:54:00 2008
@@ -911,13 +911,14 @@
self.assertEqual([(handlers[0], "http_open")],
[tup[0:2] for tup in o.calls])
- def test_basic_auth(self):
+ def test_basic_auth(self, quote_char='"'):
opener = OpenerDirector()
password_manager = MockPasswordManager()
auth_handler = urllib2.HTTPBasicAuthHandler(password_manager)
realm = "ACME Widget Store"
http_handler = MockHTTPHandler(
- 401, 'WWW-Authenticate: Basic realm="%s"\r\n\r\n' % realm)
+ 401, 'WWW-Authenticate: Basic realm=%s%s%s\r\n\r\n' %
+ (quote_char, realm, quote_char) )
opener.add_handler(auth_handler)
opener.add_handler(http_handler)
self._test_basic_auth(opener, auth_handler, "Authorization",
@@ -926,6 +927,9 @@
"http://acme.example.com/protected",
)
+ def test_basic_auth_with_single_quoted_realm(self):
+ self.test_basic_auth(quote_char="'")
+
def test_proxy_basic_auth(self):
opener = OpenerDirector()
ph = urllib2.ProxyHandler(dict(http="proxy.example.com:3128"))
Modified: python/trunk/Lib/urllib2.py
==============================================================================
--- python/trunk/Lib/urllib2.py (original)
+++ python/trunk/Lib/urllib2.py Fri Mar 21 20:54:00 2008
@@ -780,7 +780,10 @@
# XXX this allows for multiple auth-schemes, but will stupidly pick
# the last one with a realm specified.
- rx = re.compile('(?:.*,)*[ \t]*([^ \t]+)[ \t]+realm="([^"]*)"', re.I)
+ # allow for double- and single-quoted realm values
+ # (single quotes are a violation of the RFC, but appear in the wild)
+ rx = re.compile('(?:.*,)*[ \t]*([^ \t]+)[ \t]+'
+ 'realm=(["\'])(.*?)\\2', re.I)
# XXX could pre-emptively send auth info already accepted (RFC 2617,
# end of section 2, and section 1.2 immediately after "credentials"
@@ -800,7 +803,7 @@
if authreq:
mo = AbstractBasicAuthHandler.rx.search(authreq)
if mo:
- scheme, realm = mo.groups()
+ scheme, quote, realm = mo.groups()
if scheme.lower() == 'basic':
return self.retry_http_basic_auth(host, req, realm)
Modified: python/trunk/Misc/NEWS
==============================================================================
--- python/trunk/Misc/NEWS (original)
+++ python/trunk/Misc/NEWS Fri Mar 21 20:54:00 2008
@@ -51,6 +51,9 @@
Library
-------
+- Issue #2136: urllib2's auth handler now allows single-quoted realms in the
+ WWW-Authenticate header.
+
- Issue #2434: Enhanced platform.win32_ver() to also work on Python
installation which do not have the win32all package installed.
More information about the Python-checkins
mailing list