Message60840
I was looking at the following piece of code in urllib2
def http_error_auth_reqed(self, auth_header, host,
req, headers):
authreq = headers.get(auth_header, None)
if self.retried > 5:
# Don't fail endlessly - if we failed once,
we'll probably
# fail a second time. Hm. Unless the
Password Manager is
# prompting for the information. Crap. This
isn't great
# but it's better than the current 'repeat
until recursion
# depth exceeded' approach <wink>
raise HTTPError(req.get_full_url(), 401,
"digest auth failed",
headers, None)
else:
self.retried += 1
if authreq:
scheme = authreq.split()[0]
if scheme.lower() == 'digest':
return self.retry_http_digest_auth(req,
authreq)
else:
raise
ValueError("AbstractDigestAuthHandler doesn't know "
"about %s"%(scheme))
The particular thing that concerns me is scheme =
scheme = authreq.split()[0]
if scheme.lower() == 'digest':
Quite frequently, when there are multiple auth schemes
allowed, digest is NOT the first one in the list.
I would suggest substituting
schemes = authreq.lower().split(',')##a list of schemes
allowed, all lowercase
if('digest' in schemes):
and if needed, fixing the call to
retry_http_digest_auth so that the authreq passed is
valid (assuming for some reason it assumes the digest
is first)
|
|
Date |
User |
Action |
Args |
2008-01-20 09:58:17 | admin | link | issue1368312 messages |
2008-01-20 09:58:17 | admin | create | |
|