search

twisted / treq

Python requests like API built on top of Twisted's HTTP client.
Other
587 stars 140 forks source link

username/password in URLs #335

Open meejah opened 2 years ago

meejah commented 2 years ago

If a DecodedURL with a username/password in it is passed to a treq API, an error results about encoding a colon character (and the password is removed). (I can followup with the traceback but I don't have it immediately handy).

To make such a URL work, one can simply pass auth=url.userinfo to the treq reqeuest (and .replace(userinfo=()) to remove the username/password from URL) so it might be nice to have that as "a feature" in treq itself. That is, take out the userinfo from the DecodedURL and use it for authentication.

meejah commented 2 years ago

The error is something like this (note that the password after the colon is now gone). This is if you passed in something like DecodedURL.from_text(u"https://username:password@example.com")

    raise InvalidCodepoint('Codepoint {0} at position {1} of {2} not allowed'.format(_unot(cp_value), pos+1, repr(label)))
idna.core.InvalidCodepoint: Codepoint U+003A at position 9 of u'username:@example'' not allowed