search

JordanMilne / Advocate

An SSRF-preventing wrapper around Python's requests library. Advocate is no longer maintained, please fork and rename if you would like to continue work on it.
Other
92 stars 17 forks source link

Advocate stops working with requests #8

Closed mercuree closed 4 years ago

mercuree commented 6 years ago

Since requests 2.14.0 advocate is broken. requests updated its internal urllib3 version and this can be the cause of the problem. I get an error which relates to urllib3:

File "D:\******\******\env36\lib\site-packages\requests\sessions.py", line 531, in get
    return self.request('GET', url, **kwargs)
  File "D:\******\******\env36\lib\site-packages\requests\sessions.py", line 518, in request
    resp = self.send(prep, **send_kwargs)
  File "D:\******\******\env36\lib\site-packages\requests\sessions.py", line 639, in send
    r = adapter.send(request, **kwargs)
  File "D:\******\******\env36\lib\site-packages\requests\adapters.py", line 403, in send
    conn = self.get_connection(request.url, proxies)
  File "D:\******\******\env36\lib\site-packages\requests\adapters.py", line 307, in get_connection
    conn = self.poolmanager.connection_from_url(url)
  File "D:\******\******\env36\lib\site-packages\requests\packages\urllib3\poolmanager.py", line 279, in connection_from_url
    pool_kwargs=pool_kwargs)
  File "D:\******\******\env36\lib\site-packages\requests\packages\urllib3\poolmanager.py", line 227, in connection_from_host
    return self.connection_from_context(request_context)
  File "D:\******\******\env36\lib\site-packages\requests\packages\urllib3\poolmanager.py", line 238, in connection_from_context
    pool_key = pool_key_constructor(request_context)
  File "D:\******\******\env36\lib\site-packages\requests\packages\urllib3\poolmanager.py", line 103, in _default_key_normalizer
    return key_class(**context)
TypeError: __new__() got an unexpected keyword argument 'key_validator'
KevinHock commented 6 years ago

I got this too.

JordanMilne commented 6 years ago

I'll be working on this this weekend. The underlying APIs and testing methods for requests have changed enough that I'm going to drop backwards compat for requests earlier than 2.13 (maybe 2.18.)

KevinHock commented 6 years ago

You're the best @JordanMilne :)

benbariteau commented 6 years ago

I also ran into this.

barakt11 commented 5 years ago

any update here?

ghost commented 5 years ago

dudes?

ghost commented 5 years ago

Should I use it on production?

KevinHock commented 5 years ago

Hi @marataziat, with all due respect I wouldn't suggest using this on production at this time. (I wouldn't use PyT on production either ;) )

ghost commented 5 years ago

KevinHock ok :3

JordanMilne commented 4 years ago

This should have been fixed by advocate 1.0.0, requests 2.18.0 and above are now supported. As a side note, I agree with @KevinHock. Plain requests with a properly configured egress proxy is far preferable :)