Do not send credentials by default, make it explicit when patching

carlosefr · carlosefr · commit 2fcd8da4653b · 2025-05-08T17:19:06.000+01:00
diff --git a/pyodide_http/__init__.py b/pyodide_http/__init__.py
@@ -8,7 +8,7 @@
 __version__ = "0.2.2"
 
 
-def patch_requests(continue_on_import_error: bool = False):
+def patch_requests(continue_on_import_error: bool = False, with_credentials: bool = False):
     if not _SHOULD_PATCH:
         return
     try:
@@ -18,10 +18,10 @@ def patch_requests(continue_on_import_error: bool = False):
             return
         raise
     else:
-        patch()
+        patch(with_credentials)
 
 
-def patch_urllib(continue_on_import_error: bool = False):
+def patch_urllib(continue_on_import_error: bool = False, with_credentials: bool = False):
     if not _SHOULD_PATCH:
         return
 
@@ -32,13 +32,13 @@ def patch_urllib(continue_on_import_error: bool = False):
             return
         raise
     else:
-        patch()
+        patch(with_credentials)
 
 
 def should_patch():
     return _SHOULD_PATCH
 
 
-def patch_all():
-    patch_requests(continue_on_import_error=True)
-    patch_urllib(continue_on_import_error=True)
+def patch_all(with_credentials: bool = False):
+    patch_requests(continue_on_import_error=True, with_credentials=with_credentials)
+    patch_urllib(continue_on_import_error=True, with_credentials=with_credentials)
diff --git a/pyodide_http/_core.py b/pyodide_http/_core.py
@@ -72,7 +72,7 @@ def show_streaming_warning():
         )
 
 
-def send(request: Request, stream: bool = False) -> Response:
+def send(request: Request, stream: bool = False, with_credentials: bool = False) -> Response:
     if request.params:
         from js import URLSearchParams
 
@@ -118,7 +118,7 @@ def send(request: Request, stream: bool = False) -> Response:
         if name.lower() not in HEADERS_TO_IGNORE:
             xhr.setRequestHeader(name, value)
 
-    xhr.withCredentials = True
+    xhr.withCredentials = with_credentials
     xhr.send(to_js(request.body))
 
     headers = dict(Parser().parsestr(xhr.getAllResponseHeaders()))
diff --git a/pyodide_http/_requests.py b/pyodide_http/_requests.py
@@ -12,8 +12,9 @@
 class PyodideHTTPAdapter(BaseAdapter):
     """The Base Transport Adapter"""
 
-    def __init__(self):
+    def __init__(self, with_credentials=False):
         super().__init__()
+        self._with_credentials = with_credentials
 
     def send(self, request, **kwargs):
         """Sends PreparedRequest object. Returns Response object.
@@ -46,7 +47,7 @@ def send(self, request, **kwargs):
         if request.body:
             pyodide_request.set_body(request.body)
         try:
-            resp = send(pyodide_request, stream)
+            resp = send(pyodide_request, stream, self._with_credentials)
         except _StreamingTimeout:
             from requests import ConnectTimeout
 
@@ -88,7 +89,7 @@ def close(self):
         pass
 
 
-def patch():
+def patch(with_credentials=False):
     global _IS_PATCHED
     """
         Patch the requests Session. Will add a new adapter for the http and https protocols.
@@ -105,8 +106,8 @@ def patch():
 
     def new_init(self):
         self._old_init()
-        self.mount("https://", PyodideHTTPAdapter())
-        self.mount("http://", PyodideHTTPAdapter())
+        self.mount("https://", PyodideHTTPAdapter(with_credentials))
+        self.mount("http://", PyodideHTTPAdapter(with_credentials))
 
     requests.sessions.Session._old_init = requests.sessions.Session.__init__
     requests.sessions.Session.__init__ = new_init
diff --git a/pyodide_http/_urllib.py b/pyodide_http/_urllib.py
@@ -1,4 +1,5 @@
 from io import BytesIO
+from functools import partial
 
 import urllib.request
 from http.client import HTTPResponse
@@ -28,7 +29,7 @@ def urlopen(url, *args, **kwargs):
         url = url.full_url
 
     request = Request(method, url, headers=headers, body=data)
-    resp = send(request)
+    resp = send(request, with_credentials=kwargs.get("with_credentials", False))
 
     # Build a fake http response
     # Strip out the content-length header. When Content-Encoding is 'gzip' (or other
@@ -59,13 +60,16 @@ def urlopen_self_removed(self, url, *args, **kwargs):
     return urlopen(url, *args, **kwargs)
 
 
-def patch():
+def patch(with_credentials=False):
     global _IS_PATCHED
 
     if _IS_PATCHED:
         return
 
-    urllib.request.urlopen = urlopen
-    urllib.request.OpenerDirector.open = urlopen_self_removed
+    _urlopen = partial(urlopen, with_credentials=with_credentials)
+    _open = partial(urlopen_self_removed, with_credentials=with_credentials)
+
+    urllib.request.urlopen = _urlopen
+    urllib.request.OpenerDirector.open = _open
 
     _IS_PATCHED = True
