cpython.git - https://github.com/python/cpython.git

diff options

author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>	2022-02-25 11:57:30 (GMT)
committer	GitHub <noreply@github.com>	2022-02-25 11:57:30 (GMT)
commit	2b7e04d61274af03426975fe824ed83eca35b035 (patch)
tree	8497c04c372d92b643d77ea0158f3c3eb65abd47 /Python
parent	632a8121d4d577541c3fddffc986bcb8d8d545b6 (diff)
download	cpython-2b7e04d61274af03426975fe824ed83eca35b035.zip cpython-2b7e04d61274af03426975fe824ed83eca35b035.tar.gz cpython-2b7e04d61274af03426975fe824ed83eca35b035.tar.bz2

bpo-46756: Fix authorization check in urllib.request (GH-31353)

Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI "example.org/foobar" was allowed if the user was authorized for URI "example.org/foo". (cherry picked from commit e2e72567a1c94c548868f6ee5329363e6036057a) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>

Diffstat (limited to 'Python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: