mirrors/yt-dlp
1
0
Fork 0
mirror of https://github.com/yt-dlp/yt-dlp.git synced 2025-10-31 06:35:12 +00:00
Code Issues Projects Releases Wiki Activity

[core] Fix HTTP headers and cookie handling

Browse Source 
- Remove `Cookie` header from `http_headers` immediately after loading into cookiejar
- Restore compat for `--load-info-json` cookies
- Add more tests
- Fix improper passing of Cookie header by `MailRu` extractor

Closes #7558
Authored by: bashonly, pukkandan
This commit is contained in:
bashonly
2023-07-15 15:22:10 -05:00
parent 2b029ca0a9
commit 6c5211cebe
5 changed files with 120 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
yt_dlp/downloader/common.py
View File

@@ -32,7 +32,6 @@ from ..utils import (
timetuple_from_msec,
try_call,
)
from ..utils.traversal import traverse_obj
class FileDownloader:
@@ -453,11 +452,6 @@ class FileDownloader:
self.to_screen(f'[download] Sleeping {sleep_interval:.2f} seconds ...')
time.sleep(sleep_interval)
# Filter the `Cookie` header from the info_dict to prevent leaks.
# See: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj
info_dict['http_headers'] = dict(traverse_obj(info_dict, (
'http_headers', {dict.items}, lambda _, pair: pair[0].lower() != 'cookie'))) or None
ret = self.real_download(filename, info_dict)
self._finish_multiline_status()
return ret, True