[Python 3] Basic auth relying on utf-8 encoding by default
See original GitHub issueI got deceived by default requests behavior for auth headers.
As using a password containing some non-ascii chars, the basic auth method silently encoded in latin1, which caused authentication to fail as it was expected to be utf-8 encoded server side.
Utf-8 is default encoding in modern terminals and in python3 strings. As a result, requests behavior for auth is asymmetrical with curl and is odd when being reversed by authentication servers. Requests is expected to fail on non-binary input, or comply to web standards of using utf-8 text strings.
As a workaround I encoded the string in utf-8 beforehand authing with requests.
Reproduction Steps
import requests
requests.get('https://example.com', auth=('user', 'àéïòù'))
Expected Result
Basic auth header is base64encoded version of “user:àéïòù”.encode(‘utf-8’)
Actual Result
Basic auth header is base64encoded version of “user:àéïòù”.encode(‘latin1’)
Workaround
requests.get(‘https://example.com’, auth=(‘user’, ‘àéïòù’.encode(‘utf-8’)))
Issue Analytics
- State:
- Created 5 years ago
- Reactions:12
- Comments:12 (4 by maintainers)
Top GitHub Comments
@anderseknert arthur-hav suggested an easier workaround already in the issue itself:
requests.get('https://example.com', auth=(username.encode('utf-8), password.encode('utf-8')))
No need to manipulate the header itself.
Thanks @CarliJoy - seems I missed that somehow - probably since I had the workaround in place already when coming here 😃 That’s indeed better.