Fix for Issue3819 - urllib2 sends Basic auth across redirects

2010-02-24 16:45:46 +00:00 · 2010-02-24 16:45:46 +00:00 · 8526adfbd9
parent 2d9856d6ce
commit 8526adfbd9
2 changed files with 3 additions and 2 deletions
--- a/Lib/test/test_urllib2.py
+++ b/Lib/test/test_urllib2.py
@ -1134,7 +1134,8 @@ class HandlerTests(unittest.TestCase):
        auth_hdr_value = 'Basic '+base64.encodestring(userpass).strip()
        self.assertEqual(http_handler.requests[1].get_header(auth_header),
                         auth_hdr_value)
-
+        self.assertEqual(http_handler.requests[1].unredirected_hdrs[auth_header],
+                         auth_hdr_value)
        # if the password manager can't find a password, the handler won't
        # handle the HTTP auth error
        password_manager.user = password_manager.password = None
--- a/Lib/urllib2.py
+++ b/Lib/urllib2.py
@ -839,7 +839,7 @@ class AbstractBasicAuthHandler:
            auth = 'Basic %s' % base64.b64encode(raw).strip()
            if req.headers.get(self.auth_header, None) == auth:
                return None
-            req.add_header(self.auth_header, auth)
+            req.add_unredirected_header(self.auth_header, auth)
            return self.parent.open(req, timeout=req.timeout)
        else:
            return None