[Patch #1574068 by Scott Dial] urllib and urllib2 were using

base64.encodestring() for encoding authentication data. encodestring() can include newlines for very long input, which produced broken HTTP headers.
2025-10-30 21:21:22 +00:00 · 2006-10-27 17:11:23 +00:00 · 2006-10-27 17:11:23 +00:00 · 872dba4253
commit 872dba4253
parent 6d72b0e1f8
2 changed files with 6 additions and 6 deletions
--- a/Lib/urllib.py
+++ b/Lib/urllib.py
@ -302,13 +302,13 @@ def open_http(self, url, data=None):

        if proxy_passwd:
            import base64
-            proxy_auth = base64.encodestring(proxy_passwd).strip()
+            proxy_auth = base64.b64encode(proxy_passwd).strip()
        else:
            proxy_auth = None

        if user_passwd:
            import base64
-            auth = base64.encodestring(user_passwd).strip()
+            auth = base64.b64encode(user_passwd).strip()
        else:
            auth = None
        h = httplib.HTTP(host)
@ -387,12 +387,12 @@ def open_https(self, url, data=None):
            if not host: raise IOError, ('https error', 'no host given')
            if proxy_passwd:
                import base64
-                proxy_auth = base64.encodestring(proxy_passwd).strip()
+                proxy_auth = base64.b64encode(proxy_passwd).strip()
            else:
                proxy_auth = None
            if user_passwd:
                import base64
-                auth = base64.encodestring(user_passwd).strip()
+                auth = base64.b64encode(user_passwd).strip()
            else:
                auth = None
            h = httplib.HTTPS(host, 0,
--- a/Lib/urllib2.py
+++ b/Lib/urllib2.py
@ -674,7 +674,7 @@ def proxy_open(self, req, proxy, type):
            proxy_type = orig_type
        if user and password:
            user_pass = '%s:%s' % (unquote(user), unquote(password))
-            creds = base64.encodestring(user_pass).strip()
+            creds = base64.b64encode(user_pass).strip()
            req.add_header('Proxy-authorization', 'Basic ' + creds)
        hostport = unquote(hostport)
        req.set_proxy(hostport, proxy_type)
@ -798,7 +798,7 @@ def retry_http_basic_auth(self, host, req, realm):
        user, pw = self.passwd.find_user_password(realm, host)
        if pw is not None:
            raw = "%s:%s" % (user, pw)
-            auth = 'Basic %s' % base64.encodestring(raw).strip()
+            auth = 'Basic %s' % base64.b64encode(raw).strip()
            if req.headers.get(self.auth_header, None) == auth:
                return None
            req.add_header(self.auth_header, auth)