Message 115054 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	Luci.Stanescu
Recipients	Luci.Stanescu
Date	2010-08-27.06:59:24
SpamBayes Score	4.9464397e-06
Marked as misclassified	No
Message-id	<1282892368.57.0.758322534297.issue9698@psf.upfronthosting.co.za>
In-reply-to

Content
Hi, The HTTPDigestAuthHandler's code looks like this: def http_error_401(self, req, fp, code, msg, headers): host = urlparse(req.full_url)[1] retry = self.http_error_auth_reqed('www-authenticate', host, req, headers) self.reset_retry_count() return retry After successful authentication, the HTTP server might still return an error code, such as 404 or 304. In that case, self.http_error_auth_reqed raises the appropriate HTTPError and self.reset_retry_count is not called. I think that the code should be something along the lines of: try: retry = self.http_error_auth_reqed('www-authenticate', host, req, headers) except HTTPError, e: if e.code != 401: self.reset_retry_counter() raise else: self.reset_retry_counter() return retry Ways to reproduce the problem: try to access a resource for which an HTTP server requires authentication but for which after successful authentication returns a negative reply. I've attached an example script to demonstrate it (for python 2.X; bug also resent in 3.X, just replace import urllib2 with from urllib import request as urllib2 ;-) ). The same problem applies to ProxyDigestAuthHandler.

Hi,

The HTTPDigestAuthHandler's code looks like this:

    def http_error_401(self, req, fp, code, msg, headers):
        host = urlparse(req.full_url)[1]
        retry = self.http_error_auth_reqed('www-authenticate',
                                           host, req, headers)
        self.reset_retry_count()
        return retry

After successful authentication, the HTTP server might still return an error code, such as 404 or 304. In that case, self.http_error_auth_reqed raises the appropriate HTTPError and self.reset_retry_count is not called. I think that the code should be something along the lines of:

try:
  retry = self.http_error_auth_reqed('www-authenticate', host, req, headers)
except HTTPError, e:
  if e.code != 401:
    self.reset_retry_counter()
  raise
else:
  self.reset_retry_counter()
  return retry

Ways to reproduce the problem: try to access a resource for which an HTTP server requires authentication but for which after successful authentication returns a negative reply. I've attached an example script to demonstrate it (for python 2.X; bug also resent in 3.X, just replace import urllib2 with from urllib import request as urllib2 ;-) ).

The same problem applies to ProxyDigestAuthHandler.

History
Date	User	Action	Args
2010-08-27 06:59:28	Luci.Stanescu	set	recipients: + Luci.Stanescu
2010-08-27 06:59:28	Luci.Stanescu	set	messageid: <1282892368.57.0.758322534297.issue9698@psf.upfronthosting.co.za>
2010-08-27 06:59:26	Luci.Stanescu	link	issue9698 messages
2010-08-27 06:59:24	Luci.Stanescu	create