Nikolay Baranenko Nikolay Baranenko - 1 month ago 8
Python Question

PIP how escape character # in password?

want to continue question
How to get pip to work behind a proxy server

I have Windows Server and Python 3.5 (64).

In password my user include #.

I try to use some solve:

"C:\Program Files\Python35\scripts\pip.exe" install --proxy TwitterApi

"C:\Program Files\Python35\scripts\pip.exe" install --proxy "http://proxy_user:pwd#123" TwitterApi

"C:\Program Files\Python35\scripts\pip.exe" install --proxy http://"proxy_user:pwd#123" TwitterApi

"C:\Program Files\Python35\scripts\pip.exe" install --proxy http://proxy_user:"pwd#123" TwitterApi

BUT to get error

File "c:\program files\python35\lib\site-packages\pip\_vendor\requests\package
s\urllib3\util\", line 189, in parse_url
raise LocationParseError(url)
pip._vendor.requests.packages.urllib3.exceptions.LocationParseError: Failed to p
arse: proxy_user:pwd

How escape character # in this case?


Quick way out: Enter it in the encoded form i.e. # -> %23


A better way for pip to handle this might be to add a --proxy-auth flag that takes : and does the encoding for the user before adding it to the Proxy URL.

Issue - This is something not allowed:

Strictly speaking, the literal # character is not valid in the userinfo portion of a URI, according to RFC 3986, and should be percent encoded. However, it's not exactly a surprise that many tools handle this ok: there's clearly no actual ambiguity about that character. Note, however, that if there were an @ symbol in the password you'd definitely have to urlencode it: for that reason, it's a good habit to get into to urlencode your passwords before they go into URIs.

The response to a submitted issue parse_url fails when given credentials in the URL with '/', '#', or '?':

The RFC says specifically:

The authority component is preceded by a double slash ("//") and is terminated by the next slash ("/"), question mark ("?"), or number sign ("#") character, or by the end of the URI. In other words, the current behaviour is correct in expecting the authority to be terminated by the first / (or ? or #) it finds after the preceeding //. Am I sympathetic to people trying to use proxy URIs with pip? Absolutely. I think hacking together something that violates the RFC has the potential for nasty surprises later on.