Skip to content
Snippets Groups Projects
Unverified Commit 31fef7ed authored by Miss Islington (bot)'s avatar Miss Islington (bot) Committed by GitHub
Browse files

bpo-46756: Fix authorization check in urllib.request (GH-31353) (GH-31573) 


Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and
urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which
allowed to bypass authorization. For example, access to URI "example.org/foobar"
was allowed if the user was authorized for URI "example.org/foo".
(cherry picked from commit e2e72567)

Co-authored-by: default avatarSerhiy Storchaka <storchaka@gmail.com>
parent 15d7594d
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment