# HG changeset patch # User Patrick Mezard # Date 1312571140 -7200 # Node ID 0f1311e829c950b9327d09069f391039eee724dc # Parent f4b7be3f843098c50d7da88a2231e2a9efe29730 http: strip credentials from urllib2 manager URIs (issue2885) urllib2 password manager does not strip credentials from URIs registered with add_password() and compare them with stripped URIs in find_password(). Remove credentials from URIs returned by util.url.authinfo(). It sometimes works when no port was specified as the URI host is registered too. diff -r f4b7be3f8430 -r 0f1311e829c9 mercurial/util.py --- a/mercurial/util.py Thu Aug 04 19:41:23 2011 +0300 +++ b/mercurial/util.py Fri Aug 05 21:05:40 2011 +0200 @@ -1565,7 +1565,9 @@ self.user, self.passwd = user, passwd if not self.user: return (s, None) - return (s, (None, (str(self), self.host), + # authinfo[1] is passed to urllib2 password manager, and its URIs + # must not contain credentials. + return (s, (None, (s, self.host), self.user, self.passwd or '')) def isabs(self): diff -r f4b7be3f8430 -r 0f1311e829c9 tests/test-hgweb-auth.py --- a/tests/test-hgweb-auth.py Thu Aug 04 19:41:23 2011 +0300 +++ b/tests/test-hgweb-auth.py Fri Aug 05 21:05:40 2011 +0200 @@ -1,4 +1,5 @@ from mercurial import demandimport; demandimport.enable() +import urllib2 from mercurial import ui, util from mercurial import url from mercurial.error import Abort @@ -95,3 +96,12 @@ 'y.username': 'y', 'y.password': 'ypassword'}, urls=['http://y@example.org/foo/bar']) + +def testauthinfo(fullurl, authurl): + print 'URIs:', fullurl, authurl + pm = urllib2.HTTPPasswordMgrWithDefaultRealm() + pm.add_password(*util.url(fullurl).authinfo()[1]) + print pm.find_user_password('test', authurl) + +print '\n*** Test urllib2 and util.url\n' +testauthinfo('http://user@example.com:8080/foo', 'http://example.com:8080/foo') diff -r f4b7be3f8430 -r 0f1311e829c9 tests/test-hgweb-auth.py.out --- a/tests/test-hgweb-auth.py.out Thu Aug 04 19:41:23 2011 +0300 +++ b/tests/test-hgweb-auth.py.out Fri Aug 05 21:05:40 2011 +0200 @@ -189,3 +189,8 @@ CFG: {x.password: xpassword, x.prefix: http://example.org/foo/bar, x.username: None, y.password: ypassword, y.prefix: http://example.org/foo, y.username: y} URI: http://y@example.org/foo/bar ('y', 'xpassword') + +*** Test urllib2 and util.url + +URIs: http://user@example.com:8080/foo http://example.com:8080/foo +('user', '')