MockHeaders({"location": valid_url}))
self.assertEqual(o.req.get_full_url(), valid_url)
+ def test_relative_redirect(self):
+ from_url = "http://example.com/a.html"
+ relative_url = "/b.html"
+ h = urllib.request.HTTPRedirectHandler()
+ o = h.parent = MockOpener()
+ req = Request(from_url)
+ req.timeout = socket._GLOBAL_DEFAULT_TIMEOUT
+
+ valid_url = urllib.parse.urljoin(from_url,relative_url)
+ h.http_error_302(req, MockFile(), 302, "That's fine",
+ MockHeaders({"location": valid_url}))
+ self.assertEqual(o.req.get_full_url(), valid_url)
+
def test_cookie_redirect(self):
# cookies shouldn't leak into redirected requests
from http.cookiejar import CookieJar
# For security reasons we don't allow redirection to anything other
# than http, https or ftp.
- if urlparts.scheme not in ('http', 'https', 'ftp'):
+ if urlparts.scheme not in ('http', 'https', 'ftp', ''):
raise HTTPError(
newurl, code,
"%s - Redirection to url '%s' is not allowed" % (msg, newurl),
# We are using newer HTTPError with older redirect_internal method
# This older method will get deprecated in 3.3
- if urlparts.scheme not in ('http', 'https', 'ftp'):
+ if urlparts.scheme not in ('http', 'https', 'ftp', ''):
raise HTTPError(newurl, errcode,
errmsg +
" Redirection to url '%s' is not allowed." % newurl,
Library
-------
+- Issue #13696: Fix the 302 Relative URL Redirection problem.
+
- Issue #13636: Weak ciphers are now disabled by default in the ssl module
(except when SSLv2 is explicitly asked for).
projects / python / commitdiff