[Patch #1574068 by Scott Dial] urllib and urllib2 were using

base64.encodestring() for encoding authentication data. encodestring() can include newlines for very long input, which produced broken HTTP headers.
2025-07-29 14:15:07 +00:00 · 2006-10-27 17:11:23 +00:00 · 2006-10-27 17:11:23 +00:00 · 872dba4253
commit 872dba4253
parent 6d72b0e1f8
2 changed files with 6 additions and 6 deletions
--- a/Lib/urllib.py
+++ b/Lib/urllib.py
@ -302,13 +302,13 @@ class URLopener:

        if proxy_passwd:
            import base64
-            proxy_auth = base64.encodestring(proxy_passwd).strip()
+            proxy_auth = base64.b64encode(proxy_passwd).strip()
        else:
            proxy_auth = None

        if user_passwd:
            import base64
-            auth = base64.encodestring(user_passwd).strip()
+            auth = base64.b64encode(user_passwd).strip()
        else:
            auth = None
        h = httplib.HTTP(host)
@ -387,12 +387,12 @@ class URLopener:
            if not host: raise IOError, ('https error', 'no host given')
            if proxy_passwd:
                import base64
-                proxy_auth = base64.encodestring(proxy_passwd).strip()
+                proxy_auth = base64.b64encode(proxy_passwd).strip()
            else:
                proxy_auth = None
            if user_passwd:
                import base64
-                auth = base64.encodestring(user_passwd).strip()
+                auth = base64.b64encode(user_passwd).strip()
            else:
                auth = None
            h = httplib.HTTPS(host, 0,