[DOC] urllib.request: Explain how works Basic HTTP Authentication #11637
Conversation
|
Hello, and thanks for your contribution! I'm a bot set up to make sure that the project can legally accept your contribution by verifying you have signed the PSF contributor agreement (CLA). Unfortunately we couldn't find an account corresponding to your GitHub username on bugs.python.org (b.p.o) to verify you have signed the CLA (this might be simply due to a missing "GitHub Name" entry in your b.p.o account settings). This is necessary for legal reasons before we can look at your contribution. Please follow the steps outlined in the CPython devguide to rectify this issue. You can check yourself to see if the CLA has been received. Thanks again for your contribution, we look forward to reviewing it! |
The original example given in the doc, to manage Basic HTTP Authentication, only works when the authentication mechanism is properly implemented by the server. However, very often, this is not the case. And the top-answers on Stackoverflow recommend to bypass using password managers from ``urllib.request``, and instead, to manually encode the credentials in base64. These answers have mostly been written before the introduction of ``HTTPPasswordMgrWithPriorAuth``, which is aimed to solve this problem. By giving more explanations, directly in the Python documentation, about how the Basic HTTP Authentication mechanism is working, we will avoid people to copy/paste some outdated code snippet from Stackoverflow.
There was a problem hiding this comment.
The text seems to be using words like "you', "your" and in line 1244, there is a mistake with the phrase "After what,".
I recommend that the language be changed to how the rest of the document reads. The text can be simplified and written in an impersonal manner.
Like, "When a protected page is accessed, the server sends a 401 Unauthorized response..."
|
A Python core developer has requested some changes be made to your pull request before we can consider merging it. If you could please address their requests along with any other requests in other reviews from core developers that would be appreciated. Once you have made the requested changes, please leave a comment on this pull request containing the phrase |
|
@arugifa, please address the review comments from @orsenthil. Thank you! |
|
@arugifa ping |
|
Changes were requested by a core dev over two years ago, but have not been made. I'm therefore closing this PR. @arugifa, if you're still interested in working on this issue, please feel free to open a new PR. Alternatively, ping me, and I'll happily reopen this PR. Thanks! 🙂 |
The original example given in the doc, to manage Basic HTTP Authentication,
only works when the authentication mechanism is properly implemented by
the server.
However, very often, this is not the case. And the top-answers on Stackoverflow
recommend to bypass using password managers from
urllib.request, and instead,to manually encode the credentials in base64.
These answers have mostly been written before the introduction of
HTTPPasswordMgrWithPriorAuth, which is aimed to solve this problem.By giving more explanations, directly in the Python documentation, about how
the Basic HTTP Authentication mechanism is working, we will avoid people to
copy/paste some outdated code snippet from Stackoverflow.