Opened 15 years ago
Closed 15 years ago
#4563 closed defect (worksforme)
pagetodoc fails with EOFError when trac wiki contains images and uses http authentication over SSL
| Reported by: | anonymous | Owned by: | markm |
|---|---|---|---|
| Priority: | normal | Component: | PageToDocIntegration |
| Severity: | major | Keywords: | authentication, images |
| Cc: | mtnbikingmark@… | Trac Release: | 0.11 |
Description
When clicking https://someserver/path/to/wiki/MyWikiPage?format=zip below "Download in other formats:" where the apache2.2 server is configured for "HTTP Basic Authentication" and the wiki page contains images with the same realm, pagetodoc fails with error:
Trac detected an internal error: EOFError: EOF when reading a line
which is instigated by pagetodoc at line 206 when method download_image() calls the Python urllib's urlretrieve() method.
However quoting urllib's documentation, "The public functions urlopen() and urlretrieve() create an instance of the FancyURLopener class and use it to perform their requested actions".
It further states that "When performing basic authentication, a FancyURLopener instance calls its prompt_user_passwd() method. The default implementation asks the users for the required information on the controlling terminal. A subclass may override this method to support more appropriate behavior if needed."
The python traceback ends at lines 781 and 782 (joined into one here) within the said prompt_user_password() method: user = raw_input("Enter username for %s at %s: " % (realm, host))
This python bug request 1368368 against urllib is instructive: " Currently, urllib.urlopen() "kind of" handles HTTP authentication. You simply write something like this:
urllib.urlopen("http://foo:bar@www.moo.com") " Urllib's documentation states that "To override this functionality [of creating FancyURLopener instances], programmers can create a subclass of URLopener or FancyURLopener, then assign an instance of that class to the urllib._urlopener variable before calling the desired function."
pagetodoc line 81 already obtains the login username and password from HTTP Request, if available, but perhaps should use also the trac_form_token session cookie and/or overload the prompt_user_password() method with one which either induces a 401 Authorizaton Required to the client or otherwise to force pagetodoc to obtain the authentication tuple and thereby improve HTTP authentication/SSL support.
Regards, -anon
Attachments (0)
Change History (4)
comment:1 Changed 15 years ago by
comment:2 Changed 15 years ago by
| Owner: | changed from Lucas Eisenzimmer to markm |
|---|
comment:3 Changed 15 years ago by
| Cc: | mtnbikingmark@… added; anonymous removed |
|---|
comment:4 Changed 15 years ago by
| Resolution: | → worksforme |
|---|---|
| Status: | new → closed |
solution: add in your apache-configuration (in the virtualhost-box):
WSGIPassAuthorization On
and have fun.
Are you saying that
urllib.urllopen("http://foo:bar@www.moo.com")Is not enough when dealing with SSL? As you say the plugin already does this.
You mention some other methods - but even if I were to override
prompt_user_password()I am not sure what it should return, i.e. is it the URL that needs to be updated - or I should do some other stuff?