[Python-Dev] cpython (3.2): Issue12541 - Add UserWarning for unquoted realms (original) (raw)
Georg Brandl g.brandl at gmx.net
Mon May 21 20:26:24 CEST 2012
- Previous message: [Python-Dev] cpython: Close #14588: added a PEP 3115 compliant dynamic type creation mechanism
- Next message: [Python-Dev] Volunteering to be PEP czar for PEP 421, sys.implementation
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Am 15.05.2012 18:08, schrieb senthil.kumaran:
diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py --- a/Lib/urllib/request.py +++ b/Lib/urllib/request.py @@ -95,6 +95,7 @@ import sys import time import collections +import warnings
from urllib.error import URLError, HTTPError, ContentTooShortError from urllib.parse import ( @@ -827,6 +828,9 @@ mo = AbstractBasicAuthHandler.rx.search(authreq) if mo: scheme, quote, realm = mo.groups() + if quote not in ["'", '"']: + warnings.warn("Basic Auth Realm was unquoted", + UserWarning, 2) if scheme.lower() == 'basic': response = self.retryhttpbasicauth(host, req, realm) if response and response.code != 401:
This looks suspect. Do we issue UserWarnings/any warnings anywhere else in the network-related libs when servers don't implement protocols correctly? I'm afraid of spurious warnings generated that will bug users unnecessarily.
If the warning is left in, the message should probably include the offending realm string.
Georg
- Previous message: [Python-Dev] cpython: Close #14588: added a PEP 3115 compliant dynamic type creation mechanism
- Next message: [Python-Dev] Volunteering to be PEP czar for PEP 421, sys.implementation
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]