question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[Python 3] Basic auth relying on utf-8 encoding by default

See original GitHub issue

I got deceived by default requests behavior for auth headers.

As using a password containing some non-ascii chars, the basic auth method silently encoded in latin1, which caused authentication to fail as it was expected to be utf-8 encoded server side.

Utf-8 is default encoding in modern terminals and in python3 strings. As a result, requests behavior for auth is asymmetrical with curl and is odd when being reversed by authentication servers. Requests is expected to fail on non-binary input, or comply to web standards of using utf-8 text strings.

As a workaround I encoded the string in utf-8 beforehand authing with requests.

Reproduction Steps

import requests
requests.get('https://example.com', auth=('user', 'àéïòù'))

Expected Result

Basic auth header is base64encoded version of “user:àéïòù”.encode(‘utf-8’)

Actual Result

Basic auth header is base64encoded version of “user:àéïòù”.encode(‘latin1’)

Workaround

requests.get(‘https://example.com’, auth=(‘user’, ‘àéïòù’.encode(‘utf-8’)))

Issue Analytics

  • State:open
  • Created 5 years ago
  • Reactions:12
  • Comments:12 (4 by maintainers)

github_iconTop GitHub Comments

3reactions
CarliJoycommented, Aug 7, 2020

@anderseknert arthur-hav suggested an easier workaround already in the issue itself: requests.get('https://example.com', auth=(username.encode('utf-8), password.encode('utf-8')))

No need to manipulate the header itself.

0reactions
anderseknertcommented, Aug 7, 2020

Thanks @CarliJoy - seems I missed that somehow - probably since I had the workaround in place already when coming here 😃 That’s indeed better.

Read more comments on GitHub >

github_iconTop Results From Across the Web

[Python 3] Basic auth relying on utf-8 encoding by default
Utf-8 is default encoding in modern terminals and in python3 strings. As a result, requests behavior for auth is asymmetrical with curl and...
Read more >
Python, HTTPS GET with basic authentication
The request method documentation[1] mentions that "Strings are encoded as "ISO-8859-1", the default charset for HTTP". So i suggest to decode ...
Read more >
What's New In Python 3.8 — Python 3.11.1 documentation
The default protocol in the pickle module is now Protocol 4, first introduced in Python 3.4. It offers better performance and smaller size...
Read more >
Requests Documentation
curl -OL https://github.com/psf/requests/tarball/main ... The br transfer-encoding is automatically decoded for you if a Brotli library like ...
Read more >
Basic auth - HTTPie 3.2.1 (latest) docs
CLI HTTP that will make you smile. ... They can be found on the Python Package Index. ... where auto-detection would be unreliable,...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found