Message46982
Although the 'algorithm' component of the Authorization header is
considered optional by RFC 2617, there are sites that do not
function without providing algorithm notification. Specifically, this
problem is encounted with LiveJournal RSS feeds (where HTTP
digest authentication can be used to view non-public livejournal
entries).
This patch makes the algorithm flag always sent in the
Authorization header. The following test script demonstrates the
problem for a LiveJournal RSS feed (username and password must
be entered):
import urllib2
class PasswordMgr(object):
def find_user_password(self, realm, authuri):
return "someuser", "somepass"
def add_password(self):
pass
rssURI = "http://livejournal.com/users/someuser/data/rss?
auth=digest"
handler = urllib2.HTTPDigestAuthHandler(PasswordMgr())
opener = urllib2.build_opener(handler)
opener.open(rssURI)
With the attached patch, this works successfully. Without it, it fails
with an HTTP 401 error. |
|
Date |
User |
Action |
Args |
2007-08-23 15:39:59 | admin | link | issue1037974 messages |
2007-08-23 15:39:59 | admin | create | |
|