mirrors
/
cpython
mirror of https://github.com/python/cpython.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[Patch #1574068 by Scott Dial] urllib and urllib2 were using 

base64.encodestring() for encoding authentication data.
encodestring() can include newlines for very long input, which
produced broken HTTP headers.
This commit is contained in:
Andrew M. Kuchling 2006-10-27 17:11:23 +00:00
parent 6d72b0e1f8
commit 872dba4253
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Lib/urllib.py
View File

@ -302,13 +302,13 @@ def open_http(self, url, data=None):
if proxy_passwd: if proxy_passwd:
import base64 import base64
proxy_auth = base64.encodestring(proxy_passwd).strip() proxy_auth = base64.b64encode(proxy_passwd).strip()
else: else:
proxy_auth = None proxy_auth = None
if user_passwd: if user_passwd:
import base64 import base64
auth = base64.encodestring(user_passwd).strip() auth = base64.b64encode(user_passwd).strip()
else: else:
auth = None auth = None
h = httplib.HTTP(host) h = httplib.HTTP(host)
@ -387,12 +387,12 @@ def open_https(self, url, data=None):
if not host: raise IOError, ('https error', 'no host given') if not host: raise IOError, ('https error', 'no host given')
if proxy_passwd: if proxy_passwd:
import base64 import base64
proxy_auth = base64.encodestring(proxy_passwd).strip() proxy_auth = base64.b64encode(proxy_passwd).strip()
else: else:
proxy_auth = None proxy_auth = None
if user_passwd: if user_passwd:
import base64 import base64
auth = base64.encodestring(user_passwd).strip() auth = base64.b64encode(user_passwd).strip()
else: else:
auth = None auth = None
h = httplib.HTTPS(host, 0, h = httplib.HTTPS(host, 0,

4
Lib/urllib2.py
View File

@ -674,7 +674,7 @@ def proxy_open(self, req, proxy, type):
proxy_type = orig_type proxy_type = orig_type
if user and password: if user and password:
user_pass = '%s:%s' % (unquote(user), unquote(password)) user_pass = '%s:%s' % (unquote(user), unquote(password))
creds = base64.encodestring(user_pass).strip() creds = base64.b64encode(user_pass).strip()
req.add_header('Proxy-authorization', 'Basic ' + creds) req.add_header('Proxy-authorization', 'Basic ' + creds)
hostport = unquote(hostport) hostport = unquote(hostport)
req.set_proxy(hostport, proxy_type) req.set_proxy(hostport, proxy_type)
@ -798,7 +798,7 @@ def retry_http_basic_auth(self, host, req, realm):
user, pw = self.passwd.find_user_password(realm, host) user, pw = self.passwd.find_user_password(realm, host)
if pw is not None: if pw is not None:
raw = "%s:%s" % (user, pw) raw = "%s:%s" % (user, pw)
auth = 'Basic %s' % base64.encodestring(raw).strip() auth = 'Basic %s' % base64.b64encode(raw).strip()
if req.headers.get(self.auth_header, None) == auth: if req.headers.get(self.auth_header, None) == auth:
return None return None
req.add_header(self.auth_header, auth) req.add_header(self.auth_header, auth)