Patch #812285: allow multiple auth schemes in AbstractBasicAuthHandler. (backport from rev. 54195)

commit: fd13ef9c9c6df46143a2d1d28e7ac6063158fb23 [log] [tgz]
author: Georg Brandl <georg@python.org> Wed Mar 07 07:39:13 2007 +0000
committer: Georg Brandl <georg@python.org> Wed Mar 07 07:39:13 2007 +0000
tree: ecbb8ce77c7b6bfb3ee9ab9c281dc1f97db2bf15
parent: 6a9c780cde7d4e554ef432eee9684d7f2039f38b [diff] [blame]
diff --git a/Lib/urllib2.py b/Lib/urllib2.py
index 1ab5c61..4e926a1 100644
--- a/Lib/urllib2.py
+++ b/Lib/urllib2.py

@@ -766,11 +766,10 @@
 
 class AbstractBasicAuthHandler:
 
-    rx = re.compile('[ \t]*([^ \t]+)[ \t]+realm="([^"]*)"', re.I)
+    # XXX this allows for multiple auth-schemes, but will stupidly pick
+    # the last one with a realm specified.
 
-    # XXX there can actually be multiple auth-schemes in a
-    # www-authenticate header.  should probably be a lot more careful
-    # in parsing them to extract multiple alternatives
+    rx = re.compile('(?:.*,)*[ \t]*([^ \t]+)[ \t]+realm="([^"]*)"', re.I)
 
     # XXX could pre-emptively send auth info already accepted (RFC 2617,
     # end of section 2, and section 1.2 immediately after "credentials"
commit	fd13ef9c9c6df46143a2d1d28e7ac6063158fb23	[log] [tgz]
author	Georg Brandl <georg@python.org>	Wed Mar 07 07:39:13 2007 +0000
committer	Georg Brandl <georg@python.org>	Wed Mar 07 07:39:13 2007 +0000
tree	ecbb8ce77c7b6bfb3ee9ab9c281dc1f97db2bf15
parent	6a9c780cde7d4e554ef432eee9684d7f2039f38b [diff] [blame]