Issue13696 - Fix 302 Redirection for Relative urls.

6497aa3e · Senthil Kumaran · b7ffed8a · 6497aa3e · 6497aa3e · 6497aa3e
Kaydet (Commit) 6497aa3e authored Ock 04, 2012 tarafından Senthil Kumaran
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 2 deletions

test_urllib2.py Lib/test/test_urllib2.py +13 -0

request.py Lib/urllib/request.py +2 -2

NEWS Misc/NEWS +2 -0

No files found.
--- a/Lib/test/test_urllib2.py
+++ b/Lib/test/test_urllib2.py
@@ -1059,6 +1059,19 @@ class HandlerTests(unittest.TestCase):
                MockHeaders({"location": valid_url}))
            self.assertEqual(o.req.get_full_url(), valid_url)

+    def test_relative_redirect(self):
+        from_url = "http://example.com/a.html"
+        relative_url = "/b.html"
+        h = urllib.request.HTTPRedirectHandler()
+        o = h.parent = MockOpener()
+        req = Request(from_url)
+        req.timeout = socket._GLOBAL_DEFAULT_TIMEOUT
+
+        valid_url = urllib.parse.urljoin(from_url,relative_url)
+        h.http_error_302(req, MockFile(), 302, "That's fine",
+            MockHeaders({"location": valid_url}))
+        self.assertEqual(o.req.get_full_url(), valid_url)
+
    def test_cookie_redirect(self):
        # cookies shouldn't leak into redirected requests
        from http.cookiejar import CookieJar

--- a/Lib/urllib/request.py
+++ b/Lib/urllib/request.py
@@ -552,7 +552,7 @@ class HTTPRedirectHandler(BaseHandler):
        # For security reasons we don't allow redirection to anything other
        # than http, https or ftp.

-        if urlparts.scheme not in ('http', 'https', 'ftp'):
+        if urlparts.scheme not in ('http', 'https', 'ftp', ''):
            raise HTTPError(
                newurl, code,
                "%s - Redirection to url '%s' is not allowed" % (msg, newurl),
@@ -1935,7 +1935,7 @@ class FancyURLopener(URLopener):
        # We are using newer HTTPError with older redirect_internal method
        # This older method will get deprecated in 3.3

-        if urlparts.scheme not in ('http', 'https', 'ftp'):
+        if urlparts.scheme not in ('http', 'https', 'ftp', ''):
            raise HTTPError(newurl, errcode,
                            errmsg +
                            " Redirection to url '%s' is not allowed." % newurl,

--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -97,6 +97,8 @@ Core and Builtins
 Library
 -------

+- Issue #13696: Fix the 302 Relative URL Redirection problem.
+
 - Issue #13636: Weak ciphers are now disabled by default in the ssl module
  (except when SSLv2 is explicitly asked for).