Changelog
### 2.20.1
```
-------------------
**Bugfixes**
- Fixed bug with unintended Authorization header stripping for
redirects using default ports (http/80, https/443).
```
### 2.20.0
```
-------------------
**Bugfixes**
- Content-Type header parsing is now case-insensitive (e.g.
charset=utf8 v Charset=utf8).
- Fixed exception leak where certain redirect urls would raise
uncaught urllib3 exceptions.
- Requests removes Authorization header from requests redirected
from https to http on the same hostname. (CVE-2018-18074)
- `should_bypass_proxies` now handles URIs without hostnames (e.g.
files).
**Dependencies**
- Requests now supports urllib3 v1.24.
**Deprecations**
- Requests has officially stopped support for Python 2.6.
```
Links
- PyPI: https://pypi.org/project/requests
- Changelog: https://pyup.io/changelogs/requests/
- Homepage: http://python-requests.org
Coverage remained the same at 80.112% when pulling d2b591d7aba5baafa71bd827efae65358b9ffc7d on pyup-update-requests-2.19.1-to-2.20.1 into 223b464f0bf0881b80dd30cc5cc37b3146a7277e on master.
This PR updates requests from 2.19.1 to 2.20.1.
Changelog
### 2.20.1 ``` ------------------- **Bugfixes** - Fixed bug with unintended Authorization header stripping for redirects using default ports (http/80, https/443). ``` ### 2.20.0 ``` ------------------- **Bugfixes** - Content-Type header parsing is now case-insensitive (e.g. charset=utf8 v Charset=utf8). - Fixed exception leak where certain redirect urls would raise uncaught urllib3 exceptions. - Requests removes Authorization header from requests redirected from https to http on the same hostname. (CVE-2018-18074) - `should_bypass_proxies` now handles URIs without hostnames (e.g. files). **Dependencies** - Requests now supports urllib3 v1.24. **Deprecations** - Requests has officially stopped support for Python 2.6. ```Links
- PyPI: https://pypi.org/project/requests - Changelog: https://pyup.io/changelogs/requests/ - Homepage: http://python-requests.org