Merged revisions 78422 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/trunk

........
  r78422 | senthil.kumaran | 2010-02-24 22:15:46 +0530 (Wed, 24 Feb 2010) | 2 lines

  Fix for Issue3819 - urllib2 sends Basic auth across redirects
........

diff --git a/Lib/test/test_urllib2.py b/Lib/test/test_urllib2.py
index f77537d61ecc67d08b5243213b44ad8046c45b4e..11848e07e47b8c491a2b00489fa4b5f1e927047c 100644 (file)
--- a/Lib/test/test_urllib2.py
+++ b/Lib/test/test_urllib2.py
@@ -1145,7 +1145,8 @@ class HandlerTests(unittest.TestCase):
             base64.encodebytes(userpass).strip().decode())
         self.assertEqual(http_handler.requests[1].get_header(auth_header),
                          auth_hdr_value)
-
+        self.assertEqual(http_handler.requests[1].unredirected_hdrs[auth_header],
+                         auth_hdr_value)
         # if the password manager can't find a password, the handler won't
         # handle the HTTP auth error
         password_manager.user = password_manager.password = None

diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py
index 07a7ee6960f869d3027487df75f6b11e3e495632..b9de4793b3de61dea51ab353675e50a3d249eb36 100644 (file)
--- a/Lib/urllib/request.py
+++ b/Lib/urllib/request.py
@@ -795,7 +795,7 @@ class AbstractBasicAuthHandler:
             auth = "Basic " + base64.b64encode(raw.encode()).decode("ascii")
             if req.headers.get(self.auth_header, None) == auth:
                 return None
-            req.add_header(self.auth_header, auth)
+            req.add_unredirected_header(self.auth_header, auth)
             return self.parent.open(req, timeout=req.timeout)
         else:
             return None