kennethreitz/requests
1
0
Fork 0
mirror of https://github.com/kennethreitz/requests.git synced 2026-06-05 14:50:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revert "Add trusted domains"

Browse Source 
This reverts commit fbe48fbb7c.
This commit is contained in:
Nate Prewitt
2019-09-19 07:34:55 -07:00
parent 1462917951
commit 09fd857eb1
1 changed files with 1 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
requests/sessions.py
+1 -8
View File
@@ -95,10 +95,6 @@ def merge_hooks(request_hooks, session_hooks, dict_class=OrderedDict):
class SessionRedirectMixin(object):
def __init__(self):
#: A list of domains that will be excluded from auth stripping
self.trusted_domains = []
def get_redirect_target(self, resp):
"""Receives a Response. Returns a redirect URI or ``None``"""
# Due to the nature of how requests processes redirects this method will
@@ -124,8 +120,7 @@ class SessionRedirectMixin(object):
"""Decide whether Authorization header should be removed when redirecting"""
old_parsed = urlparse(old_url)
new_parsed = urlparse(new_url)
if (old_parsed.hostname != new_parsed.hostname
and new_parsed.hostname not in self.trusted_domains):
if old_parsed.hostname != new_parsed.hostname:
return True
# Special case: allow http -> https redirect when using the standard
# ports. This isn't specified by RFC 7235, but is kept to avoid
@@ -419,8 +414,6 @@ class Session(SessionRedirectMixin):
self.mount('https://', HTTPAdapter())
self.mount('http://', HTTPAdapter())
super().__init__()
def __enter__(self):
return self