Multiple path separators causes bad requests #6784
Description
I'm assuming that change in #6644 is the cause of this changed behavior that operations with // in path fails. It seems to be related to Authentication as it is the only thing I could find that does not get trimmed by the change in 6644.
Expected Result
Similar behavior as before 2.32.0
Actual Result
Request captured by wireshark, note that this is the second request as the first got a 401
Hypertext Transfer Protocol
POST /axis-cgi/capturemode.cgi HTTP/1.1\r\n
Host: 192.168.0.1\r\n
User-Agent: python-requests/2.32.3\r\n
Accept-Encoding: gzip, deflate, zstd\r\n
Accept: /\r\n
Connection: keep-alive\r\n
Content-Length: 50\r\n
[truncated]Authorization: Digest username="root", realm="AXIS_B8A44F45D62F", nonce="UKH3vekeBgA=2b0d57c2d8b8eb15307576e30309cb7b23a2304c", uri="//axis-cgi/capturemode.cgi", response="0a51943f746a0d88c6574f662b457a9c", algorithm="MD5", qo
username="root"
realm="AXIS_B8A44F45D62F"
nonce="UKH3vekeBgA=2b0d57c2d8b8eb15307576e30309cb7b23a2304c"
uri="//axis-cgi/capturemode.cgi"
response="0a51943f746a0d88c6574f662b457a9c"
algorithm="MD5"
qop="auth"
nc=00000001
\r\n
[Full request URI: http://172.26.21.128/axis-cgi/capturemode.cgi]
[HTTP request 2/2]
[Prev request in frame: 10]
[Response in frame: 19]
File Data: 50 bytes
Data (50 bytes)
Response:
Hypertext Transfer Protocol
HTTP/1.1 400 Bad Request\r\n
Date: Mon, 05 Aug 2024 06:25:23 GMT\r\n
Server: Apache/2.4.58 (Unix) OpenSSL/3.0.13\r\n
X-Content-Type-Options: nosniff\r\n
X-Frame-Options: SAMEORIGIN\r\n
X-XSS-Protection: 1; mode=block\r\n
[truncated]Content-Security-Policy: default-src 'self'; frame-ancestors 'self'; connect-src 'self' https://.google-analytics.com https://.analytics.google.com https://.googletagmanager.com https://.axis.com mediastream: blob:; script
Content-Length: 226\r\n
Connection: close\r\n
Content-Type: text/html; charset=iso-8859-1\r\n
\r\n
[HTTP response 2/2]
[Time since request: 0.001411000 seconds]
[Prev request in frame: 10]
[Prev response in frame: 13]
[Request in frame: 16]
[Request URI: http://192.168.0.1/axis-cgi/capturemode.cgi]
File Data: 226 bytes
Reproduction Steps
This was run at a axis camera
import requests
url = "http://192.168.01//axis-cgi/capturemode.cgi"
body = {
"apiVersion": "1.0",
"method": "getCaptureModes"}
auth = requests.auth.HTTPDigestAuth("root", "pass")
response = requests.post(url=url, data=json.dumps(body),
auth=auth, proxies=dict(http=None, https=None))System Information
$ python -m requests.help
{
"chardet": {
"version": null
},
"charset_normalizer": {
"version": "3.3.2"
},
"cryptography": {
"version": "42.0.8"
},
"idna": {
"version": "3.7"
},
"implementation": {
"name": "CPython",
"version": "3.11.2"
},
"platform": {
"release": "6.1.0-21-amd64",
"system": "Linux"
},
"pyOpenSSL": {
"openssl_version": "30200020",
"version": "24.1.0"
},
"requests": {
"version": "2.32.3"
},
"system_ssl": {
"version": "300000b0"
},
"urllib3": {
"version": "2.2.2"
},
"using_charset_normalizer": true,
"using_pyopenssl": true
}