Commit 92a5bf0c authored by Senthil Kumaran's avatar Senthil Kumaran

Issue12541 - Add UserWarning for unquoted realms

parents acfc26ac 0ea91cb5
...@@ -1261,11 +1261,12 @@ class HandlerTests(unittest.TestCase): ...@@ -1261,11 +1261,12 @@ class HandlerTests(unittest.TestCase):
401, 'WWW-Authenticate: Basic realm=%s\r\n\r\n' % realm) 401, 'WWW-Authenticate: Basic realm=%s\r\n\r\n' % realm)
opener.add_handler(auth_handler) opener.add_handler(auth_handler)
opener.add_handler(http_handler) opener.add_handler(http_handler)
self._test_basic_auth(opener, auth_handler, "Authorization", with self.assertWarns(UserWarning):
realm, http_handler, password_manager, self._test_basic_auth(opener, auth_handler, "Authorization",
"http://acme.example.com/protected", realm, http_handler, password_manager,
"http://acme.example.com/protected", "http://acme.example.com/protected",
) "http://acme.example.com/protected",
)
def test_proxy_basic_auth(self): def test_proxy_basic_auth(self):
opener = OpenerDirector() opener = OpenerDirector()
......
...@@ -934,6 +934,9 @@ class AbstractBasicAuthHandler: ...@@ -934,6 +934,9 @@ class AbstractBasicAuthHandler:
mo = AbstractBasicAuthHandler.rx.search(authreq) mo = AbstractBasicAuthHandler.rx.search(authreq)
if mo: if mo:
scheme, quote, realm = mo.groups() scheme, quote, realm = mo.groups()
if quote not in ['"',"'"]:
warnings.warn("Basic Auth Realm was unquoted",
UserWarning, 2)
if scheme.lower() == 'basic': if scheme.lower() == 'basic':
response = self.retry_http_basic_auth(host, req, realm) response = self.retry_http_basic_auth(host, req, realm)
if response and response.code != 401: if response and response.code != 401:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment