Issue12541 - Add UserWarning for unquoted realms
diff --git a/Lib/test/test_urllib2.py b/Lib/test/test_urllib2.py
index ad558da..fc76a6c 100644
--- a/Lib/test/test_urllib2.py
+++ b/Lib/test/test_urllib2.py
@@ -1106,8 +1106,8 @@
self._test_basic_auth(opener, auth_handler, "Authorization",
realm, http_handler, password_manager,
"http://acme.example.com/protected",
- "http://acme.example.com/protected",
- )
+ "http://acme.example.com/protected"
+ )
def test_basic_auth_with_single_quoted_realm(self):
self.test_basic_auth(quote_char="'")
@@ -1121,11 +1121,13 @@
401, 'WWW-Authenticate: Basic realm=%s\r\n\r\n' % realm)
opener.add_handler(auth_handler)
opener.add_handler(http_handler)
- self._test_basic_auth(opener, auth_handler, "Authorization",
- realm, http_handler, password_manager,
- "http://acme.example.com/protected",
- "http://acme.example.com/protected",
- )
+ msg = "Basic Auth Realm was unquoted"
+ with test_support.check_warnings((msg, UserWarning)):
+ self._test_basic_auth(opener, auth_handler, "Authorization",
+ realm, http_handler, password_manager,
+ "http://acme.example.com/protected",
+ "http://acme.example.com/protected"
+ )
def test_proxy_basic_auth(self):
diff --git a/Lib/urllib2.py b/Lib/urllib2.py
index 21b5262..d4596cd 100644
--- a/Lib/urllib2.py
+++ b/Lib/urllib2.py
@@ -102,6 +102,7 @@
import time
import urlparse
import bisect
+import warnings
try:
from cStringIO import StringIO
@@ -861,6 +862,9 @@
mo = AbstractBasicAuthHandler.rx.search(authreq)
if mo:
scheme, quote, realm = mo.groups()
+ if quote not in ['"', "'"]:
+ warnings.warn("Basic Auth Realm was unquoted",
+ UserWarning, 2)
if scheme.lower() == 'basic':
response = self.retry_http_basic_auth(host, req, realm)
if response and response.code != 401: