requests Architecture Docs
Home / Function/ should_strip_auth() — requests Function Reference

should_strip_auth() — requests Function Reference

Architecture documentation for the should_strip_auth() function in sessions.py from the requests codebase.

Function python CoreAPI VerbHandlers calls 1 called by 1

Entity Profile

Dependency Diagram

graph TD
  878c62b1_e60f_77fd_3028_6c51dffaeedf["should_strip_auth()"]
  29cd946c_8c0d_e37c_acb9_dfb2b83bf42b["SessionRedirectMixin"]
  878c62b1_e60f_77fd_3028_6c51dffaeedf -->|defined in| 29cd946c_8c0d_e37c_acb9_dfb2b83bf42b
  18349e5e_3ab4_19be_23d5_20c1111b761b["rebuild_auth()"]
  18349e5e_3ab4_19be_23d5_20c1111b761b -->|calls| 878c62b1_e60f_77fd_3028_6c51dffaeedf
  e5f3beee_4f0d_bcf5_4af9_52d8658ab65f["get()"]
  878c62b1_e60f_77fd_3028_6c51dffaeedf -->|calls| e5f3beee_4f0d_bcf5_4af9_52d8658ab65f
  style 878c62b1_e60f_77fd_3028_6c51dffaeedf fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

src/requests/sessions.py lines 128–158

    def should_strip_auth(self, old_url, new_url):
        """Decide whether Authorization header should be removed when redirecting"""
        old_parsed = urlparse(old_url)
        new_parsed = urlparse(new_url)
        if old_parsed.hostname != new_parsed.hostname:
            return True
        # Special case: allow http -> https redirect when using the standard
        # ports. This isn't specified by RFC 7235, but is kept to avoid
        # breaking backwards compatibility with older versions of requests
        # that allowed any redirects on the same host.
        if (
            old_parsed.scheme == "http"
            and old_parsed.port in (80, None)
            and new_parsed.scheme == "https"
            and new_parsed.port in (443, None)
        ):
            return False

        # Handle default port usage corresponding to scheme.
        changed_port = old_parsed.port != new_parsed.port
        changed_scheme = old_parsed.scheme != new_parsed.scheme
        default_port = (DEFAULT_PORTS.get(old_parsed.scheme, None), None)
        if (
            not changed_scheme
            and old_parsed.port in default_port
            and new_parsed.port in default_port
        ):
            return False

        # Standard case: root URI must match
        return changed_port or changed_scheme

Domain

Subdomains

Defined In

Calls

Called By

Source

Frequently Asked Questions

What does should_strip_auth() do?
should_strip_auth() is a function in the requests codebase, defined in src/requests/sessions.py.
Where is should_strip_auth() defined?
should_strip_auth() is defined in src/requests/sessions.py at line 128.
What does should_strip_auth() call?
should_strip_auth() calls 1 function(s): get.
What calls should_strip_auth()?
should_strip_auth() is called by 1 function(s): rebuild_auth.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free