# HG changeset patch # User Patrick Mezard # Date 2011-08-05 19:05:40 # Node ID 0f1311e829c950b9327d09069f391039eee724dc # Parent f4b7be3f843098c50d7da88a2231e2a9efe29730 http: strip credentials from urllib2 manager URIs (issue2885) urllib2 password manager does not strip credentials from URIs registered with add_password() and compare them with stripped URIs in find_password(). Remove credentials from URIs returned by util.url.authinfo(). It sometimes works when no port was specified as the URI host is registered too. diff --git a/mercurial/util.py b/mercurial/util.py --- a/mercurial/util.py +++ b/mercurial/util.py @@ -1565,7 +1565,9 @@ class url(object): self.user, self.passwd = user, passwd if not self.user: return (s, None) - return (s, (None, (str(self), self.host), + # authinfo[1] is passed to urllib2 password manager, and its URIs + # must not contain credentials. + return (s, (None, (s, self.host), self.user, self.passwd or '')) def isabs(self): diff --git a/tests/test-hgweb-auth.py b/tests/test-hgweb-auth.py --- a/tests/test-hgweb-auth.py +++ b/tests/test-hgweb-auth.py @@ -1,4 +1,5 @@ from mercurial import demandimport; demandimport.enable() +import urllib2 from mercurial import ui, util from mercurial import url from mercurial.error import Abort @@ -95,3 +96,12 @@ test({'x.prefix': 'http://example.org/fo 'y.username': 'y', 'y.password': 'ypassword'}, urls=['http://y@example.org/foo/bar']) + +def testauthinfo(fullurl, authurl): + print 'URIs:', fullurl, authurl + pm = urllib2.HTTPPasswordMgrWithDefaultRealm() + pm.add_password(*util.url(fullurl).authinfo()[1]) + print pm.find_user_password('test', authurl) + +print '\n*** Test urllib2 and util.url\n' +testauthinfo('http://user@example.com:8080/foo', 'http://example.com:8080/foo') diff --git a/tests/test-hgweb-auth.py.out b/tests/test-hgweb-auth.py.out --- a/tests/test-hgweb-auth.py.out +++ b/tests/test-hgweb-auth.py.out @@ -189,3 +189,8 @@ URI: http://y@example.org/foo CFG: {x.password: xpassword, x.prefix: http://example.org/foo/bar, x.username: None, y.password: ypassword, y.prefix: http://example.org/foo, y.username: y} URI: http://y@example.org/foo/bar ('y', 'xpassword') + +*** Test urllib2 and util.url + +URIs: http://user@example.com:8080/foo http://example.com:8080/foo +('user', '')