diff options
| author | bashonly <bashonly@bashonly.com> | 2023-07-15 15:22:10 -0500 |
|---|---|---|
| committer | bashonly <bashonly@bashonly.com> | 2023-07-15 15:25:45 -0500 |
| commit | 6c5211cebeacfc53ad5d5ddf4a659be76039656f (patch) | |
| tree | 94c09b4fae723e5aceade4797ead6876827d0e6d /yt_dlp/downloader/common.py | |
| parent | 2b029ca0a9f9105c4f7626993fa60e54c9782749 (diff) | |
| download | hypervideo-pre-6c5211cebeacfc53ad5d5ddf4a659be76039656f.tar.lz hypervideo-pre-6c5211cebeacfc53ad5d5ddf4a659be76039656f.tar.xz hypervideo-pre-6c5211cebeacfc53ad5d5ddf4a659be76039656f.zip | |
[core] Fix HTTP headers and cookie handling
- Remove `Cookie` header from `http_headers` immediately after loading into cookiejar
- Restore compat for `--load-info-json` cookies
- Add more tests
- Fix improper passing of Cookie header by `MailRu` extractor
Closes #7558
Authored by: bashonly, pukkandan
Diffstat (limited to 'yt_dlp/downloader/common.py')
| -rw-r--r-- | yt_dlp/downloader/common.py | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/yt_dlp/downloader/common.py b/yt_dlp/downloader/common.py index 2c404ee90..b71d7ee8f 100644 --- a/yt_dlp/downloader/common.py +++ b/yt_dlp/downloader/common.py @@ -32,7 +32,6 @@ from ..utils import ( timetuple_from_msec, try_call, ) -from ..utils.traversal import traverse_obj class FileDownloader: @@ -453,11 +452,6 @@ class FileDownloader: self.to_screen(f'[download] Sleeping {sleep_interval:.2f} seconds ...') time.sleep(sleep_interval) - # Filter the `Cookie` header from the info_dict to prevent leaks. - # See: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj - info_dict['http_headers'] = dict(traverse_obj(info_dict, ( - 'http_headers', {dict.items}, lambda _, pair: pair[0].lower() != 'cookie'))) or None - ret = self.real_download(filename, info_dict) self._finish_multiline_status() return ret, True |