New submission from Brad Olson <br...@movedbylight.com>: For each request requiring HTTP authentication, urllib2 submits the request without authentication, receives the server's 401 error/challenge, then re-submits the request with authentication.
This is compliant behavior. The problem comes in that urllib2 repeats this for every ensuing request to the same namespace. At times this is just an inefficiency--every request gets sent twice, often with POST data (which can be sizeable). Sometimes, especially with large POST bodies, this causes a connection failure. (Mercurial suffers greatly from this (and I have suggested workaround to that team.) This isn't non-compliant behavior, but RFC2617 (sections 2, 3.3) suggests that once an HTTP client authenticates, it pre-emptively send authentication with ensuing requests. More analysis and fix suggestions at bitbucket.org/bradobro/liquidhg/wiki/Home. ---------- components: Library (Lib) messages: 94180 nosy: bradobro severity: normal status: open title: Urllib2 authentication memory. type: behavior versions: Python 2.6 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue7159> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
