From 8da3cac4a054e7edccfecce71f4f526e329c730f Mon Sep 17 00:00:00 2001
From: "R. David Murray" <rdmurray@bitdance.com>
Date: Tue, 29 Sep 2009 14:01:08 +0000
Subject: [PATCH] Merged revisions 75111 via svnmerge from
 svn+ssh://pythondev@svn.python.org/python/trunk

........
  r75111 | r.david.murray | 2009-09-28 12:57:45 -0400 (Mon, 28 Sep 2009) | 5 lines

  Prevent test_bad_address failure when a domain in the dns search
  path implements a '*' default rule.  Also update comment with
  a more complete explanation of the difficulties inherent in
  the test.
........
---
 Lib/test/test_urllib2_localnet.py | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/Lib/test/test_urllib2_localnet.py b/Lib/test/test_urllib2_localnet.py
index 43485c20de4..365742c8bff 100644
--- a/Lib/test/test_urllib2_localnet.py
+++ b/Lib/test/test_urllib2_localnet.py
@@ -469,14 +469,25 @@ class TestUrlopen(unittest.TestCase):
         # Make sure proper exception is raised when connecting to a bogus
         # address.
         self.assertRaises(IOError,
-                          # SF patch 809915:  In Sep 2003, VeriSign started
-                          # highjacking invalid .com and .net addresses to
-                          # boost traffic to their own site.  This test
-                          # started failing then.  One hopes the .invalid
-                          # domain will be spared to serve its defined
-                          # purpose.
+                          # Given that both VeriSign and various ISPs have in
+                          # the past or are presently hijacking various invalid
+                          # domain name requests in an attempt to boost traffic
+                          # to their own sites, finding a domain name to use
+                          # for this test is difficult.  RFC2606 leads one to
+                          # believe that '.invalid' should work, but experience
+                          # seemed to indicate otherwise.  Single character
+                          # TLDs are likely to remain invalid, so this seems to
+                          # be the best choice. The trailing '.' prevents a
+                          # related problem: The normal DNS resolver appends
+                          # the domain names from the search path if there is
+                          # no '.' the end and, and if one of those domains
+                          # implements a '*' rule a result is returned.
+                          # However, none of this will prevent the test from
+                          # failing if the ISP hijacks all invalid domain
+                          # requests.  The real solution would be to be able to
+                          # parameterize the framework with a mock resolver.
                           urllib.request.urlopen,
-                          "http://sadflkjsasf.i.nvali.d/")
+                          "http://sadflkjsasf.i.nvali.d./")
 
 def test_main():
     support.run_unittest(ProxyAuthTests, TestUrlopen)