From 34f3fcc269be2ecded57ff3ae336977c5e74c42f Mon Sep 17 00:00:00 2001
From: Senthil Kumaran <senthil@uthcode.com>
Date: Tue, 15 May 2012 22:30:25 +0800
Subject: Issue #12541: Be lenient with quotes around Realm field of HTTP Basic
 Authentation in urllib2.

 G: changed Misc/NEWS
---
 Lib/urllib/request.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'Lib/urllib/request.py')

diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py
index fe2cfcdbbef..cbcbe1ae373 100644
--- a/Lib/urllib/request.py
+++ b/Lib/urllib/request.py
@@ -794,7 +794,7 @@ class AbstractBasicAuthHandler:
     # allow for double- and single-quoted realm values
     # (single quotes are a violation of the RFC, but appear in the wild)
     rx = re.compile('(?:.*,)*[ \t]*([^ \t]+)[ \t]+'
-                    'realm=(["\'])(.*?)\\2', re.I)
+                    'realm=(["\']?)([^"\']*)\\2', re.I)
 
     # XXX could pre-emptively send auth info already accepted (RFC 2617,
     # end of section 2, and section 1.2 immediately after "credentials"
-- 
cgit v1.2.3