blob: 1660640c5d3fb8a28bdb699876b9716f7eb40b03 (
plain)
1
2
3
4
5
|
Fix a bug in :meth:`urllib.request.HTTPPasswordMgr.find_user_password` and
:meth:`urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated` which
allowed to bypass authorization. For example, access to URI
``example.org/foobar`` was allowed if the user was authorized for URI
``example.org/foo``.
|
