I only moved the code into a function, there was no actual change to
the code. I added a few tests to ensure we're doing things correctly.
The real point of me doing this is to make it easier to bring back
`strict_mode` functionality. For you requests youngsters in the crowd,
`strict_mode` followed the spec for redirects meaning the method
wouldn't change to a GET. The current code follows the browser
convention of changing the method to a GET when doing a 302 redirect.
However, lots of servers want you to follow the standards (the nerve!)
so I'd like to override the logic. Now that the method changing logic
is in `rebuild_method`, I can simply override that function instead of
overriding the entire `resolve_redirects` function as suggested by
kennethreitz/requests#1325
Specified the default argument for params that have a default in the docstring
so that the default is easier to see from the code. Modified the docstring in
api.py to match the docstring in sessions.py.
It is not clear that :param verify defaults to True. The way the verify
portion of the docstring is written it looks like it defaults to False, and
you have to pass in True if you'd like the SSL cert to be verified, but the
opposite is the case.
Some malfunctioning HTTP servers may return a qop directive with no token, as
opposed to correctly omitting the qop directive completely. For example:
header: WWW-Authenticate: Digest realm="foobar_api_auth", qop="",
nonce="a12059eaaad0b86ece8f62f04cbafed6", algorithm="MD5",
stale="false"
Prior to this patch, requests would respond with a 'None' Authorization header.
While the server is certainly incorrect, this patch updates requests to be
more tolerant to this kind of shenaniganry. If we receive an empty string for
the value of the qop attribute, we instead treat that as if the qop attribute
was simply not provided.
Closes#2916
kennethreitz
Alexander Hermes