ytdl-org · dirkf · Mar 4, 2024 · Apr 19, 2021 · Mar 3, 2024 · Mar 3, 2024
diff --git a/test/test_utils.py b/test/test_utils.py
@@ -81,6 +81,7 @@
     sanitize_filename,
     sanitize_path,
     sanitize_url,
+    sanitized_Request,
     shell_quote,
     smuggle_url,
     str_or_none,
@@ -255,6 +256,26 @@ def test_sanitize_url(self):
         self.assertEqual(sanitize_url('https://foo.bar'), 'https://foo.bar')
         self.assertEqual(sanitize_url('foo bar'), 'foo bar')
 
+    def test_extract_user_pass(self):
+        self.assertEqual(extract_user_pass('http://foo.bar'), ('http://foo.bar', None, None))
+        self.assertEqual(extract_user_pass('http://:foo.bar'), ('http://:foo.bar', None, None))
+        self.assertEqual(extract_user_pass('http://@foo.bar'), ('http://foo.bar', '', ''))
+        self.assertEqual(extract_user_pass('http://:pass@foo.bar'), ('http://foo.bar', '', 'pass'))
+        self.assertEqual(extract_user_pass('http://user:@foo.bar'), ('http://foo.bar', 'user', ''))
+        self.assertEqual(extract_user_pass('http://user:pass@foo.bar'), ('http://foo.bar', 'user', 'pass'))
+
+    def test_sanitized_Request(self):
+        self.assertFalse(sanitized_Request('http://foo.bar').has_header('Authorization'))
+        self.assertFalse(sanitized_Request('http://:foo.bar').has_header('Authorization'))
+        self.assertEqual(sanitized_Request('http://@foo.bar').get_header('Authorization'),
+                         'Basic Og==')
+        self.assertEqual(sanitized_Request('http://:pass@foo.bar').get_header('Authorization'),
+                         'Basic OnBhc3M=')
+        self.assertEqual(sanitized_Request('http://user:@foo.bar').get_header('Authorization'),
+                         'Basic dXNlcjo=')
+        self.assertEqual(sanitized_Request('http://user:pass@foo.bar').get_header('Authorization'),
+                         'Basic dXNlcjpwYXNz')
+
     def test_expand_path(self):
         def env(var):
             return '%{0}%'.format(var) if sys.platform == 'win32' else '${0}'.format(var)

diff --git a/youtube_dl/utils.py b/youtube_dl/utils.py
@@ -2182,6 +2182,21 @@ def sanitize_url(url):
     return url
 
 
+def extract_user_pass(url):
+    parts = compat_urlparse.urlsplit(url)
+    username = parts.username
+    password = parts.password
+    if username is not None:
+        if password is None:
+            password = ''
+        netloc = parts.hostname
+        if parts.port is not None:
+            netloc = parts.hostname + ':' + parts.port
+        parts = parts._replace(netloc=netloc)
+        url = compat_urlparse.urlunsplit(parts)
+    return url, username, password
+
+
 def sanitized_Request(url, *args, **kwargs):
     return compat_urllib_request.Request(escape_url(sanitize_url(url)), *args, **kwargs)