Issue12541 - Add UserWarning for unquoted realms
diff --git a/Lib/test/test_urllib2.py b/Lib/test/test_urllib2.py
index f9a76a3..b2cec7e 100644
--- a/Lib/test/test_urllib2.py
+++ b/Lib/test/test_urllib2.py
@@ -1261,11 +1261,12 @@
401, 'WWW-Authenticate: Basic realm=%s\r\n\r\n' % realm)
opener.add_handler(auth_handler)
opener.add_handler(http_handler)
- self._test_basic_auth(opener, auth_handler, "Authorization",
- realm, http_handler, password_manager,
- "http://acme.example.com/protected",
- "http://acme.example.com/protected",
- )
+ with self.assertWarns(UserWarning):
+ self._test_basic_auth(opener, auth_handler, "Authorization",
+ realm, http_handler, password_manager,
+ "http://acme.example.com/protected",
+ "http://acme.example.com/protected",
+ )
def test_proxy_basic_auth(self):
opener = OpenerDirector()
diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py
index 6cc78ed..96bb8d7 100644
--- a/Lib/urllib/request.py
+++ b/Lib/urllib/request.py
@@ -934,6 +934,9 @@
mo = AbstractBasicAuthHandler.rx.search(authreq)
if mo:
scheme, quote, realm = mo.groups()
+ if quote not in ['"',"'"]:
+ warnings.warn("Basic Auth Realm was unquoted",
+ UserWarning, 2)
if scheme.lower() == 'basic':
response = self.retry_http_basic_auth(host, req, realm)
if response and response.code != 401: