Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython3 / c216c4869921cb9ade491704f945d6f1401ccbcc^! / . / Doc
commitc216c4869921cb9ade491704f945d6f1401ccbcc[log] [tgz]
authorNick Coghlan <ncoghlan@gmail.com>Wed Nov 12 23:33:50 2014 +1000
committerNick Coghlan <ncoghlan@gmail.com>Wed Nov 12 23:33:50 2014 +1000
tree4f72aacd2ea44a4a9fba3312d62873f7ff611602
parentab14088141ab749763e35b7a49e79c368940e12d [diff]
Close #19494: add urrlib.request.HTTPBasicPriorAuthHandler

This auth handler adds the Authorization header to the first
HTTP request rather than waiting for a HTTP 401 Unauthorized
response from the server as the default HTTPBasicAuthHandler
does.

This allows working with websites like https://api.github.com which do
not follow the strict interpretation of RFC, but more the dicta in the
end of section 2 of RFC 2617:

    > A client MAY preemptively send the corresponding Authorization
    > header with requests for resources in that space without receipt
    > of another challenge from the server.  Similarly, when a client
    > sends a request to a proxy, it may reuse a userid and password in
    > the Proxy-Authorization header field without receiving another
    > challenge from the proxy server. See section 4 for security
    > considerations associated with Basic authentication.

Patch by Matej Cepl.

diff --git a/Doc/library/urllib.request.rst b/Doc/library/urllib.request.rst
index f420259..dca56d6 100644
--- a/Doc/library/urllib.request.rst
+++ b/Doc/library/urllib.request.rst

@@ -304,6 +304,17 @@
    presented with a wrong Authentication scheme.
 
 
+.. class:: HTTPBasicPriorAuthHandler(password_mgr=None)
+
+   A variant of :class:`HTTPBasicAuthHandler` which automatically sends
+   authorization credentials with the first request, rather than waiting to
+   first receive a HTTP 401 "Unauthorised" error response. This allows
+   authentication to sites that don't provide a 401 response when receiving
+   a request without an Authorization header. Aside from this difference,
+   this behaves exactly as :class:`HTTPBasicAuthHandler`.
+
+   .. versionadded:: 3.5
+
 .. class:: ProxyBasicAuthHandler(password_mgr=None)
 
    Handle authentication with the proxy. *password_mgr*, if given, should be

diff --git a/Doc/whatsnew/3.5.rst b/Doc/whatsnew/3.5.rst
index 502ac44..e90f5fa 100644
--- a/Doc/whatsnew/3.5.rst
+++ b/Doc/whatsnew/3.5.rst

@@ -297,6 +297,15 @@
 * The :func:`time.monotonic` function is now always available.  (Contributed by
   Victor Stinner in :issue:`22043`.)
 
+time
+----
+
+* A new :class:`urllib.request.HTTPBasicPriorAuthHandler` allows HTTP Basic
+  Authentication credentials to be sent unconditionally with the first HTTP
+  request, rather than waiting for a HTTP 401 Unauthorized response from the
+  server.
+  (Contributed by Matej Cepl in :issue:`19494`.)
+
 wsgiref
 -------