This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Title: urllib2 digest auth redirection bug causes 400 error
Type: Stage:
Components: Library (Lib) Versions: Python 2.5
Status: closed Resolution: accepted
Dependencies: Superseder:
Assigned To: Nosy List: georg.brandl, jjlee
Priority: normal Keywords: patch

Created on 2006-05-01 22:35 by jjlee, last changed 2022-04-11 14:56 by admin. This issue is now closed.

File name Uploaded Description Edit
digest_auth_redirect.patch jjlee, 2006-05-01 22:35
Messages (2)
msg50173 - (view) Author: John J Lee (jjlee) Date: 2006-05-01 22:35
urllib2 redirects HTTP digest authorisation
credentials, which is never useful (because the
redirection will change the digest), and may cause a
400 error if for example the handler finds credentials
for an initial request, but fails to finds credentials
for a redirected request.  In that case a stale
Authorization or Proxy-authorization header will get
returned to the server, causing a 400 error.

I've verified this makes the 400 go away for example in
the case where http://localhost/foo gets 301 redirected
to (i.e. with a slash on the
end), where I've only added username/password for
"localhost" and not "".

The fix is trivial.

2.4 backport candidate.
msg50174 - (view) Author: Georg Brandl (georg.brandl) * (Python committer) Date: 2006-05-03 05:05
Logged In: YES 

Committed as rev. 45879, 45880 (2.4).
Date User Action Args
2022-04-11 14:56:17adminsetgithub: 43309
2006-05-01 22:35:47jjleecreate