With cURL, I can do --location-trusted to allow sending the name+password to all hosts the site may redirect to (http://curl.haxx.se/docs/manpage.html#--location-trusted).
Can I do something similar in Python with the requests library?
Python requests equivalent for cURL's --location-trusted
Asked Answered
For the record, it has been answered here since then #60358716 –
Blondie
If you have to use libcurl (which you legitimately may!), you'll need to pass it the CURLOPT_UNRESTRICTED_AUTH option.
While the doc page itself doesn't mention it, this is the libcurl equivalent of the command line --location-trusted flag. See the CVE page where they introduced --location-trusted for more info.
requests will automatically take care of redirects:
https://requests.readthedocs.io/en/latest/user/quickstart/#redirection-and-history
So, this should be a good place to start (if you haven't already gone through it):
https://requests.readthedocs.io/en/latest/user/authentication/
But when the redirect happens, the username and password pair is not passed over. So, I'm getting authentication issue when redirected. –
Chiropractic
@Chiropractic were you able to find out the solution? –
Cede
You can use a urllib3.util.Retry object to tell requests to not remove the Authorization header when it has to retry a request because it was redirected.
import requests
from requests.adapters import HTTPAdapter, Retry
s = requests.Session()
# Default is {'Authorization'}
retries = Retry(remove_headers_on_redirect=set())
s.mount('http://', HTTPAdapter(max_retries=retries))
s.get("http://httpstat.us/301", auth=('user', 'password'))
I have no idea if this works, I just read this github issue, this SO question and the docs I linked. –
Squash
© 2022 - 2024 — McMap. All rights reserved.