This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

classification
Title: More precise realm parsing in AbstractBasicAuthHandler
Type: Stage:
Components: Library (Lib) Versions: Python 2.3
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: federicodc, georg.brandl
Priority: normal Keywords: patch

Created on 2003-09-25 08:47 by federicodc, last changed 2022-04-10 16:11 by admin. This issue is now closed.

Files
File name Uploaded Description Edit
urllib2.py.diff federicodc, 2003-09-25 08:47 Diff file for Python 2.3 urllib2.py
Messages (2)
msg44687 - (view) Author: Federico Di Carlo (federicodc) Date: 2003-09-25 08:47 
AbstractBasicAuthHandler class parses headers to search
for a scheme and its realm.

"rx" is the compiled regular expression that is used to
match these items. But it doesn't work on multiple
auth-schemes (as stated in urllib2.py source code).
Since I HAD to work around this issue (we have NTLM
authentication first in our proxy) I managed a bit the
regular expression (rx) and its groups.

The auth-request I had to face is:  
< NTLM, Basic realm="something" >, so I created a RE
with named groups to find exactly the type of request
that has a "realm" after the scheme, and that can
contain commas, in this way:
< ([ \t]+|(.*,)+)*(?P<scheme>[^ \t]+)[
\t]+realm="(?P<realm>[^"]*)"' >

Matching groups "scheme" and "realm" will contain right
values as parsed.

This will NOT fix issue with multiple realm-based
requests (it will return only last one), but seems to
handle well requests like the one specified.

Diff attached for Python 2.3

Hope this helps,

Federico Di Carlo
msg44688 - (view) Author: Georg Brandl (georg.brandl) * (Python committer) Date: 2007-03-07 07:39 
Thanks for the patch, committed a similar one as rev. 54195, 54196 (2.5).
History
Date User Action Args
2022-04-10 16:11:20adminsetgithub: 39296
2003-09-25 08:47:37federicodccreate