guido@google.com
60a4a90c8d
Issue 22663: fix redirect vulnerability in urllib/urllib2.
2011-03-24 08:07:45 -07:00
Amaury Forgeot d'Arc
8d904c3981
Issue #2670 : urllib2.build_opener() failed when two handlers
...
derive the same default base class.
Backport of r62463.
2008-04-22 21:17:18 +00:00
Georg Brandl
40df67f704
Patch #1752270 , #1750931 : complain if urllib2 add_handler called
...
without handler.
(backport from rev. 56293)
2007-07-12 08:05:48 +00:00
Georg Brandl
d2acc2e9c5
Patch #1667860 : Fix UnboundLocalError in urllib2.
...
(backport from rev. 55805)
2007-06-07 13:34:41 +00:00
Neal Norwitz
112717dd0b
Fix SF #1703110 , Incorrect example for add_password() (use uri, not host)
2007-04-24 04:54:24 +00:00
Georg Brandl
fd13ef9c9c
Patch #812285 : allow multiple auth schemes in AbstractBasicAuthHandler.
...
(backport from rev. 54195)
2007-03-07 07:39:13 +00:00
Georg Brandl
962e9165aa
Patch #1627441 : close sockets properly in urllib2.
...
(backport from rev. 53511)
2007-01-21 10:35:14 +00:00
Andrew M. Kuchling
ff9e7abac8
[Patch #1574068 by Scott Dial] urllib and urllib2 were using
...
base64.encodestring() for encoding authentication data.
encodestring() can include newlines for very long input, which
produced broken HTTP headers.
2.4 backport candidate, probably.
2006-10-27 17:13:33 +00:00
Georg Brandl
db232dc86a
Patch #1542948 : fix urllib2 header casing issue. With new test.
...
(backport from rev. 51416)
2006-08-20 13:15:43 +00:00
Georg Brandl
0619a329e8
Bug #1459963 : properly capitalize HTTP header names.
2006-07-26 07:40:17 +00:00
Georg Brandl
261e251df8
Patches #1497027 and #972322 : try HTTP digest auth first,
...
and watch out for handler name collisions.
2006-05-29 20:52:54 +00:00
Georg Brandl
2b33037611
Patch #1496206 : urllib2 PasswordMgr ./. default ports
2006-05-28 20:23:12 +00:00
Neal Norwitz
b678ce5aa6
Little cleanup
2006-05-18 06:51:46 +00:00
Georg Brandl
9d6da3e2f2
Delay-import some large modules to speed up urllib2 import.
...
(fixes #1484793 ).
2006-05-17 15:17:00 +00:00
Georg Brandl
b5f2e5cc50
Patch #1479302 : Make urllib2 digest auth and basic auth play together.
2006-05-08 17:36:08 +00:00
Georg Brandl
852bb00818
Patch #1480067 : don't redirect HTTP digest auth in urllib2
2006-05-03 05:05:02 +00:00
Georg Brandl
bffb0bc064
In stdlib, use hashlib instead of deprecated md5 and sha modules.
2006-04-30 08:57:35 +00:00
Georg Brandl
fa42bd7af4
Patch #1470846 : fix urllib2 ProxyBasicAuthHandler.
2006-04-30 07:06:11 +00:00
Georg Brandl
7fff58c097
Readd urllib.quote import as it doesn't cause any harm.
2006-04-02 21:13:13 +00:00
Georg Brandl
c5ffd91911
Patch #1463012 : remove not working undocumented classes from urllib2
2006-04-02 20:48:11 +00:00
Georg Brandl
720096a6bf
Patch #1462790 : fix urllib2 ProxyHandler for host:port proxies
2006-04-02 20:45:34 +00:00
Georg Brandl
4eb521e595
bug #1462706 : guard against host not having FQDN hostname
2006-04-02 20:37:17 +00:00
Georg Brandl
814727582a
Update version number to 2.5
2006-03-31 20:02:40 +00:00
Georg Brandl
80bb2bb7eb
Revert r43399.
2006-03-28 19:19:56 +00:00
Georg Brandl
f1349cd05d
Bug #1459963 : urllib2 now normalizes HTTP header names correctly
...
with title().
2006-03-28 12:40:24 +00:00
Georg Brandl
ddb84d7c69
Bug #1353433 : be conciliant with spaces in redirect URLs
2006-03-18 11:35:18 +00:00
Tim Peters
e2c9a6cea7
Suppress new deprecation warnings when running the
...
test suite.
For urllib2, move the import of gopherlib into the
only function that uses it: users (including the
test suite) certainly shouldn't see a deprecation
warning just because they import urllib2! If they
actually use gopher_open(), fine, _then_ they should
see a deprecation warning.
2006-02-18 04:14:16 +00:00
Tim Peters
b6be87f9b0
Whitespace normalization.
2006-02-18 03:10:56 +00:00
Georg Brandl
6aab16e9f6
Move "httpresponses" dict from urllib2 to httplib where it belongs.
2006-02-17 19:17:25 +00:00
Georg Brandl
531cebad4c
Bug #902075 : urllib2 now handles "host:port" proxy specifications
...
Can/should this be backported?
2006-01-21 07:20:56 +00:00
Tim Peters
9e34c04732
Whitespace normalization (via reindent.py).
2005-08-26 15:20:46 +00:00
Georg Brandl
e1b13d2019
Bug #735248 : Fix urllib2.parse_http_list.
2005-08-24 22:20:32 +00:00
Georg Brandl
a5a2088dd7
Bug 1016563: Bug in urllib2 proxy auth
2005-08-24 20:29:32 +00:00
Tim Peters
f5f32b4712
Whitespace normalization.
2005-07-17 23:16:17 +00:00
Georg Brandl
5c5fe2f445
RFE [ 1216944 ] Add Error Code Dictionary to urllib2
2005-07-14 06:40:47 +00:00
Georg Brandl
8d457c78b4
bug [ 1175848 ] poorly named variable in urllib2.py
2005-06-26 22:01:35 +00:00
Raymond Hettinger
dbecd93b72
Replace list of constants with tuples of constants.
2005-02-06 06:57:08 +00:00
Raymond Hettinger
f7bf02ded5
SF patch #1028908
...
(John J Lee)
Minor code clarification and simplification.
2005-02-05 14:37:06 +00:00
Johannes Gijsbers
cdd625a770
Patch #1095362 : replace hardcoded test for POST/GET with call to get_method,
...
removing some duplication and gaining some flexibility in the process.
2005-01-09 05:51:49 +00:00
Jeremy Hylton
b300ae3a79
Two small changes, SF bug #974757 and SF patch #1037974 .
...
Pass the full URL to find_user_password(), in particular so that hosts
with port numbers can be looked up.
Also specify the digest algorithm, even if it's MD5. Titus Brown
verified that this fixes a problem with LiveJournal.
2004-12-22 14:27:19 +00:00
Anthony Baxter
3dd9e46161
Added a usegmt flag to email.Utils.formatdate - this allows it to be
...
used to replace rfc822.formatdate for protocols like HTTP (where 'GMT' must
be the timezone string).
2004-10-11 13:53:08 +00:00
Andrew M. Kuchling
33ad28b68d
Use multi-line import
2004-08-31 11:38:12 +00:00
Tim Peters
9ca3f8551a
Whitespace normalization.
2004-08-08 01:05:14 +00:00
Jeremy Hylton
5d9c3031c8
Fix urllib2.urlopen() handling of chunked content encoding.
...
The change to use the newer httplib interface admitted the possibility
that we'd get an HTTP/1.1 chunked response, but the code didn't handle
it correctly. The raw socket object can't be pass to addinfourl(),
because it would read the undecoded response. Instead, addinfourl()
must call HTTPResponse.read(), which will handle the decoding.
One extra wrinkle is that the HTTPReponse object can't be passed to
addinfourl() either, because it doesn't implement readline() or
readlines(). As a quick hack, use socket._fileobject(), which
implements those methods on top of a read buffer. (suggested by mwh)
Finally, add some tests based on test_urllibnet.
Thanks to Andrew Sawyers for originally reporting the chunked problem.
2004-08-07 17:40:50 +00:00
Martin v. Löwis
65a7975f16
Patch #994595 : Recognize Basic auth even if other schemes are offered.
...
Will backport to 2.3.
2004-08-03 12:59:55 +00:00
Kurt B. Kaiser
3f7cb5d9f5
Patch [ 972332 ] urllib2 FTPHandler bugs / John J. Lee
...
Modified Files:
urllib2.py test/test_urllib2.py
2004-07-11 17:14:13 +00:00
Andrew M. Kuchling
85064ffd76
[Patch #988602 ] Move the urllib2 tests into the test framework
2004-07-10 19:46:40 +00:00
Andrew M. Kuchling
f9ea7c067a
[Patch #988504 ] Fix HTTP error handling via a patch from John J. Lee
2004-07-10 15:34:34 +00:00
Andrew M. Kuchling
08c08bb3d1
[Bug #912845 ] urllib2 only checks for a 200 return code, but 206 is also legal if a Range: header was supplied.
...
(Actually, should the first 'if' statement be modified to allow any 2xx status code?)
2004-06-29 13:19:19 +00:00
Neal Norwitz
1cdd3632a0
Cleanup: the in operator already returns a bool, no need to bool() it again
...
Cleanup: use condition to be consistent with code above
CookieJar is in cookielib
2004-06-07 03:49:50 +00:00