-
-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
URLs that infinitely redirect to an authenticated Location will raise a ValueError instead of TooManyRedirects #9436
Labels
Comments
I don't think that check should be happening on redirects, only on the original url parameter. So, option 2. |
It probably makes sense to just move that check to somewhere before the loop. |
PLPeeters
pushed a commit
to PLPeeters/aiohttp
that referenced
this issue
Oct 9, 2024
5 tasks
PLPeeters
pushed a commit
to PLPeeters/aiohttp
that referenced
this issue
Oct 11, 2024
PLPeeters
pushed a commit
to PLPeeters/aiohttp
that referenced
this issue
Oct 11, 2024
PLPeeters
pushed a commit
to PLPeeters/aiohttp
that referenced
this issue
Oct 11, 2024
PLPeeters
pushed a commit
to PLPeeters/aiohttp
that referenced
this issue
Oct 14, 2024
PLPeeters
pushed a commit
to PLPeeters/aiohttp
that referenced
this issue
Oct 18, 2024
bdraco
pushed a commit
to PLPeeters/aiohttp
that referenced
this issue
Oct 18, 2024
bdraco
pushed a commit
to PLPeeters/aiohttp
that referenced
this issue
Oct 23, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
I encountered a URL that seems to always respond with this, even for subsequent authenticated calls:
This then leads to a
ValueError
once the redirect is handled, instead of aTooManyRedirects
error (which is what both Chrome andrequests
throw for this).To Reproduce
Expected behavior
It should raise a
TooManyRedirectsError
instead. AValueError
gives the impression the user did something wrong, while this is out of their control.Logs/tracebacks
Python Version
aiohttp Version
multidict Version
propcache Version
yarl Version
OS
Ubuntu, macOS
Related component
Client
Additional context
The root cause lies here:
aiohttp/aiohttp/client.py
Lines 558 to 562 in c4a3f27
I believe this could be fixed in one of two ways:
auth
andauth_from_url
are different before raisingOption 2 is probably best, as the problem at hand is that URL-based auth can be out of the user's control, so it should only raise a
ValueError
if it is indeed the user that made a mistake, which can only really be the case for the initial URL in the redirect chain.I'll happily PR this once I get the go-ahead for the method to use.
Code of Conduct
The text was updated successfully, but these errors were encountered: