When being redirected we may want to strip authentication from the request to avoid leaking credentials. This method intelligently removes and reapplies authentication where possible to avoid credential loss.
(
self, prepared_request: PreparedRequest, response: Response
)
| 307 | yield resp |
| 308 | |
| 309 | def rebuild_auth( |
| 310 | self, prepared_request: PreparedRequest, response: Response |
| 311 | ) -> None: |
| 312 | """When being redirected we may want to strip authentication from the |
| 313 | request to avoid leaking credentials. This method intelligently removes |
| 314 | and reapplies authentication where possible to avoid credential loss. |
| 315 | """ |
| 316 | original_request = response.request |
| 317 | assert _is_prepared(original_request) |
| 318 | assert _is_prepared(prepared_request) |
| 319 | |
| 320 | headers = prepared_request.headers |
| 321 | original_url = original_request.url |
| 322 | url = prepared_request.url |
| 323 | |
| 324 | if "Authorization" in headers and self.should_strip_auth(original_url, url): |
| 325 | # If we get redirected to a new host, we should strip out any |
| 326 | # authentication headers. |
| 327 | del headers["Authorization"] |
| 328 | |
| 329 | # .netrc might have more auth for us on our new host. |
| 330 | new_auth = get_netrc_auth(url) if self.trust_env else None |
| 331 | if new_auth is not None: |
| 332 | prepared_request.prepare_auth(new_auth) |
| 333 | |
| 334 | def rebuild_proxies( |
| 335 | self, |
no test coverage detected