traverseda
/
cpython
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Patch #812285: allow multiple auth schemes in AbstractBasicAuthHandler. 

(backport from rev. 54195)
This commit is contained in:
Georg Brandl 2007-03-07 07:39:13 +00:00
parent 6a9c780cde
commit fd13ef9c9c
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Lib/urllib2.py
View File

@ -766,11 +766,10 @@ class HTTPPasswordMgrWithDefaultRealm(HTTPPasswordMgr):
class AbstractBasicAuthHandler: class AbstractBasicAuthHandler:
rx = re.compile('[ \t]*([^ \t]+)[ \t]+realm="([^"]*)"', re.I) # XXX this allows for multiple auth-schemes, but will stupidly pick
# the last one with a realm specified.
# XXX there can actually be multiple auth-schemes in a rx = re.compile('(?:.*,)*[ \t]*([^ \t]+)[ \t]+realm="([^"]*)"', re.I)
# www-authenticate header. should probably be a lot more careful
# in parsing them to extract multiple alternatives
# XXX could pre-emptively send auth info already accepted (RFC 2617, # XXX could pre-emptively send auth info already accepted (RFC 2617,
# end of section 2, and section 1.2 immediately after "credentials" # end of section 2, and section 1.2 immediately after "credentials"