SparkPost / python-sparkpost

SparkPost client library for Python
https://www.sparkpost.com
Other
92 stars 70 forks

Require later release of requests, to pick up security fixes for CVE-2018-18074 #183

Closed rdawemsys closed 5 years ago

rdawemsys commented 5 years ago

requests 2.20.0 was released in order to resolve a security issue. From http://docs.python-requests.org/en/master/community/updates/#release-history :

Requests removes Authorization header from requests redirected from https to http on the same hostname. (CVE-2018-18074)

Update to requests 2.20.1 to pick up that security fix, plus other bugfixes.

This has the side effect that Python 2.6 is no longer supported, because requests >= 2.20.0 no longer supports Python 2.6.
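
Added example (not part of the original issue, and not code from requests or python-sparkpost): a simplified model of the redirect behaviour the quoted release note describes, comparing a check that only looks at the hostname with one that also drops `Authorization` on a same-host https to http redirect. The function names, URLs and header value are constructed for illustration.

```python
from urllib.parse import urlparse

DEFAULT_PORTS = {"http": 80, "https": 443}


def _origin(url):
    """Return (scheme, hostname, effective port) for a URL."""
    p = urlparse(url)
    scheme = (p.scheme or "").lower()
    return scheme, (p.hostname or "").lower(), p.port or DEFAULT_PORTS.get(scheme)


def strip_auth_host_only(old_url, new_url):
    """Host-only policy: drop Authorization only when the hostname changes."""
    return _origin(old_url)[1] != _origin(new_url)[1]


def strip_auth_fixed(old_url, new_url):
    """Stricter policy: also drop it when scheme or port changes,
    except for a plain http -> https upgrade on the default ports."""
    o_scheme, o_host, o_port = _origin(old_url)
    n_scheme, n_host, n_port = _origin(new_url)
    if o_host != n_host:
        return True
    if (o_scheme, o_port, n_scheme, n_port) == ("http", 80, "https", 443):
        return False
    return o_scheme != n_scheme or o_port != n_port


def follow_redirect(headers, old_url, new_url, policy):
    """Return the headers that would be sent to new_url under the given policy."""
    sent = dict(headers)  # copy so the caller's headers are not modified
    if policy(old_url, new_url):
        sent.pop("Authorization", None)
    return sent


# Constructed sample: a credential header and a same-host https -> http redirect.
SAMPLE_HEADERS = {"Authorization": "EXAMPLE-API-KEY", "Accept": "application/json"}
OLD = "https://api.example.test/v1/send"
NEW = "http://api.example.test/v1/send"

if __name__ == "__main__":
    for name, policy in (("host-only", strip_auth_host_only),
                         ("fixed", strip_auth_fixed)):
        sent = follow_redirect(SAMPLE_HEADERS, OLD, NEW, policy)
        print(name, "sends Authorization over http:", "Authorization" in sent)
```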