diff options
author | Nick Coghlan <ncoghlan@gmail.com> | 2014-11-12 23:33:50 +1000 |
---|---|---|
committer | Nick Coghlan <ncoghlan@gmail.com> | 2014-11-12 23:33:50 +1000 |
commit | c216c4869921cb9ade491704f945d6f1401ccbcc (patch) | |
tree | 4f72aacd2ea44a4a9fba3312d62873f7ff611602 /Doc/library/urllib.request.rst | |
parent | ab14088141ab749763e35b7a49e79c368940e12d (diff) | |
download | cpython-git-c216c4869921cb9ade491704f945d6f1401ccbcc.tar.gz |
Close #19494: add urrlib.request.HTTPBasicPriorAuthHandler
This auth handler adds the Authorization header to the first
HTTP request rather than waiting for a HTTP 401 Unauthorized
response from the server as the default HTTPBasicAuthHandler
does.
This allows working with websites like https://api.github.com which do
not follow the strict interpretation of RFC, but more the dicta in the
end of section 2 of RFC 2617:
> A client MAY preemptively send the corresponding Authorization
> header with requests for resources in that space without receipt
> of another challenge from the server. Similarly, when a client
> sends a request to a proxy, it may reuse a userid and password in
> the Proxy-Authorization header field without receiving another
> challenge from the proxy server. See section 4 for security
> considerations associated with Basic authentication.
Patch by Matej Cepl.
Diffstat (limited to 'Doc/library/urllib.request.rst')
-rw-r--r-- | Doc/library/urllib.request.rst | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/Doc/library/urllib.request.rst b/Doc/library/urllib.request.rst index f42025961f..dca56d6e04 100644 --- a/Doc/library/urllib.request.rst +++ b/Doc/library/urllib.request.rst @@ -304,6 +304,17 @@ The following classes are provided: presented with a wrong Authentication scheme. +.. class:: HTTPBasicPriorAuthHandler(password_mgr=None) + + A variant of :class:`HTTPBasicAuthHandler` which automatically sends + authorization credentials with the first request, rather than waiting to + first receive a HTTP 401 "Unauthorised" error response. This allows + authentication to sites that don't provide a 401 response when receiving + a request without an Authorization header. Aside from this difference, + this behaves exactly as :class:`HTTPBasicAuthHandler`. + + .. versionadded:: 3.5 + .. class:: ProxyBasicAuthHandler(password_mgr=None) Handle authentication with the proxy. *password_mgr*, if given, should be |