Issue12541 - Add UserWarning for unquoted realms

0ea91cb5 · Senthil Kumaran · 34f3fcc2 · 0ea91cb5 · 0ea91cb5
Commit 0ea91cb5 authored May 15, 2012 by Senthil Kumaran
Show whitespace changes
Inline Side-by-side

Showing with 10 additions and 5 deletions

Lib/test/test_urllib2.py Lib/test/test_urllib2.py +6 -5

Lib/urllib/request.py Lib/urllib/request.py +4 -0

No files found.
--- a/Lib/test/test_urllib2.py
+++ b/Lib/test/test_urllib2.py
@@ -1227,6 +1227,7 @@ class HandlerTests(unittest.TestCase):
            401, 'WWW-Authenticate: Basic realm=%s\r\n\r\n' % realm)
        opener.add_handler(auth_handler)
        opener.add_handler(http_handler)
+        with self.assertWarns(UserWarning):
            self._test_basic_auth(opener, auth_handler, "Authorization",
                                realm, http_handler, password_manager,
                                "http://acme.example.com/protected",

--- a/Lib/urllib/request.py
+++ b/Lib/urllib/request.py
@@ -95,6 +95,7 @@ import socket
 import sys
 import time
 import collections
+import warnings
 from urllib.error import URLError, HTTPError, ContentTooShortError
 from urllib.parse import (
@@ -827,6 +828,9 @@ class AbstractBasicAuthHandler:
            mo = AbstractBasicAuthHandler.rx.search(authreq)
            if mo:
                scheme, quote, realm = mo.groups()
+                if quote not in ["'", '"']:
+                    warnings.warn("Basic Auth Realm was unquoted",
+                                  UserWarning, 2)
                if scheme.lower() == 'basic':
                    response = self.retry_http_basic_auth(host, req, realm)
                    if response and response.code != 401: