Message 231702 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	John.McKay
Recipients	John.McKay
Date	2014-11-26.10:37:27
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1416998247.62.0.575795755864.issue22946@psf.upfronthosting.co.za>
In-reply-to

Content
After getting a sucessfull response, _open_generic_http will overwrite the the start of the url to be http: regardless of if it was called from open_http() or open_https(). This causes it to appear as if you were redirected to a non-secure site if you check the url properly after an open request. This is especially problematic after being redirected; it appears you were redirected to an insecure version of the site. Attached is a patch to resolve this. It uses the type, which should be correctly set to http or https based on the calling context.

After getting a sucessfull response, _open_generic_http will overwrite the the start of the url to be http: regardless of if it was called from open_http() or open_https(). This causes it to appear as if you were redirected to a non-secure site if you check the url properly after an open request. This is especially problematic after being redirected; it appears you were redirected to an insecure version of the site.

Attached is a patch to resolve this. It uses the type, which should be correctly set to http or https based on the calling context.

History
Date	User	Action	Args
2014-11-26 10:37:27	John.McKay	set	recipients: + John.McKay
2014-11-26 10:37:27	John.McKay	set	messageid: <1416998247.62.0.575795755864.issue22946@psf.upfronthosting.co.za>
2014-11-26 10:37:27	John.McKay	link	issue22946 messages
2014-11-26 10:37:27	John.McKay	create