[Patch #1574068 by Scott Dial] urllib and urllib2 were using

base64.encodestring() for encoding authentication data. encodestring() can include newlines for very long input, which produced broken HTTP headers. 2.4 backport candidate, probably.
2025-08-19 00:00:48 +00:00 · 2006-10-27 17:13:33 +00:00 · 2006-10-27 17:13:33 +00:00 · ff9e7abac8
commit ff9e7abac8
parent 7d1d540cc3
3 changed files with 9 additions and 6 deletions
--- a/Lib/urllib.py
+++ b/Lib/urllib.py
@ -302,13 +302,13 @@ class URLopener:

        if proxy_passwd:
            import base64
-            proxy_auth = base64.encodestring(proxy_passwd).strip()
+            proxy_auth = base64.b64encode(proxy_passwd).strip()
        else:
            proxy_auth = None

        if user_passwd:
            import base64
-            auth = base64.encodestring(user_passwd).strip()
+            auth = base64.b64encode(user_passwd).strip()
        else:
            auth = None
        h = httplib.HTTP(host)
@ -387,12 +387,12 @@ class URLopener:
            if not host: raise IOError, ('https error', 'no host given')
            if proxy_passwd:
                import base64
-                proxy_auth = base64.encodestring(proxy_passwd).strip()
+                proxy_auth = base64.b64encode(proxy_passwd).strip()
            else:
                proxy_auth = None
            if user_passwd:
                import base64
-                auth = base64.encodestring(user_passwd).strip()
+                auth = base64.b64encode(user_passwd).strip()
            else:
                auth = None
            h = httplib.HTTPS(host, 0,