HTTPBasicAuth does not handle non-latin-1 characters

[frafra]

Hi, I have a password containing Norwegian characters, like "ø". I found that HTTPBasicAuth generates a wrong Authentication header, as the base64-encoded password differed from what I computed and successfully tested.

It looks like latin-1 is the default encoding instead of utf-8: https://github.com/psf/requests/blob/79f60274f7e461b8fd2f579e741f748438d7eadb/requests/auth.py#L59-L63

My workaround is to encode strings to utf-8 before passing them to HTTPBasicAuth, but it looks like this would break starting with requests >= 3.0.0:

https://github.com/psf/requests/blob/79f60274f7e461b8fd2f579e741f748438d7eadb/requests/auth.py#L36-L41

I do not know if different servers have different defaults, but if requests do not want to handle binary sequences, then it should probably allow specifying different encodings.

[nateprewitt]

Hi @frafra, this warning is a remnant from when Python 2 was still the main Python and bytes/str were synonymous. You'll see if you look at the definition for basestring that it is that same type union in Python 3. We may be able to make "Non-string" a bit clearer for Python 3.

bytes will continue to be supported going forward and would in fact be our general recommendation for most Requests arguments. The library still assumes latin-1/iso-8859-1 because that's what's formally documented for the web. You'll find in practice though that utf-8 has superseded that in many cases.