New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Incorrect authorization check in urllib.request #90912
Comments
There is an error in determining a sub-URI in the urllib.request module. Due to it, if the user is authorized for example.org/foo, it gets also access to example.org/foobar. |
Maybe the same as bpo-42766? |
Yes, it is the same. I should search before writing a patch. But for some reasons I prefer my solution over the one proposed in bpo-42766: The code is clearer and more strict, tests use public API instead of a private method. |
This is marked as a release blocker so I am holding the alpha release on this. Is there anything we can do to unblock this issue? |
Is something left here, it seems that most PRs are landed |
I'm closing this, please reopen if something is missing. |
Pablo, we are good. The PRs were merged in open branches a while ago, and this was tracking security releases backports. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: