[Python-Dev] cpython (3.2): Issue12541 - Add UserWarning for unquoted realms
Georg Brandl
g.brandl at gmx.net
Mon May 21 20:26:24 CEST 2012
Am 15.05.2012 18:08, schrieb senthil.kumaran:
> diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py
> --- a/Lib/urllib/request.py
> +++ b/Lib/urllib/request.py
> @@ -95,6 +95,7 @@
> import sys
> import time
> import collections
> +import warnings
>
> from urllib.error import URLError, HTTPError, ContentTooShortError
> from urllib.parse import (
> @@ -827,6 +828,9 @@
> mo = AbstractBasicAuthHandler.rx.search(authreq)
> if mo:
> scheme, quote, realm = mo.groups()
> + if quote not in ["'", '"']:
> + warnings.warn("Basic Auth Realm was unquoted",
> + UserWarning, 2)
> if scheme.lower() == 'basic':
> response = self.retry_http_basic_auth(host, req, realm)
> if response and response.code != 401:
This looks suspect. Do we issue UserWarnings/any warnings anywhere else in the
network-related libs when servers don't implement protocols correctly?
I'm afraid of spurious warnings generated that will bug users unnecessarily.
If the warning is left in, the message should probably include the offending
realm string.
Georg
More information about the Python-Dev
mailing list