[yt-dlp.git] / yt_dlp / networking / _requests.py

import contextlib
import functools
import http.client
import logging
import re
import socket
import warnings

from ..dependencies import brotli, requests, urllib3
from ..utils import bug_reports_message, int_or_none, variadic
from ..utils.networking import normalize_url

if requests is None:
    raise ImportError('requests module is not installed')

if urllib3 is None:
    raise ImportError('urllib3 module is not installed')

urllib3_version = tuple(int_or_none(x, default=0) for x in urllib3.__version__.split('.'))

if urllib3_version < (1, 26, 17):
    raise ImportError('Only urllib3 >= 1.26.17 is supported')

if requests.__build__ < 0x023200:
    raise ImportError('Only requests >= 2.32.0 is supported')

import requests.adapters
import requests.utils
import urllib3.connection
import urllib3.exceptions

from ._helper import (
    InstanceStoreMixin,
    add_accept_encoding_header,
    create_connection,
    create_socks_proxy_socket,
    get_redirect_method,
    make_socks_proxy_opts,
    select_proxy,
)
from .common import (
    Features,
    RequestHandler,
    Response,
    register_preference,
    register_rh,
)
from .exceptions import (
    CertificateVerifyError,
    HTTPError,
    IncompleteRead,
    ProxyError,
    RequestError,
    SSLError,
    TransportError,
)
from ..socks import ProxyError as SocksProxyError

SUPPORTED_ENCODINGS = [
    'gzip', 'deflate'
]

if brotli is not None:
    SUPPORTED_ENCODINGS.append('br')

"""
Override urllib3's behavior to not convert lower-case percent-encoded characters
to upper-case during url normalization process.

RFC3986 defines that the lower or upper case percent-encoded hexidecimal characters are equivalent
and normalizers should convert them to uppercase for consistency [1].

However, some sites may have an incorrect implementation where they provide
a percent-encoded url that is then compared case-sensitively.[2]

While this is a very rare case, since urllib does not do this normalization step, it
is best to avoid it in requests too for compatability reasons.

1: https://tools.ietf.org/html/rfc3986#section-2.1
2: https://github.com/streamlink/streamlink/pull/4003
"""


class Urllib3PercentREOverride:
    def __init__(self, r: re.Pattern):
        self.re = r

    # pass through all other attribute calls to the original re
    def __getattr__(self, item):
        return self.re.__getattribute__(item)

    def subn(self, repl, string, *args, **kwargs):
        return string, self.re.subn(repl, string, *args, **kwargs)[1]


# urllib3 >= 1.25.8 uses subn:
# https://github.com/urllib3/urllib3/commit/a2697e7c6b275f05879b60f593c5854a816489f0
import urllib3.util.url  # noqa: E305

if hasattr(urllib3.util.url, 'PERCENT_RE'):
    urllib3.util.url.PERCENT_RE = Urllib3PercentREOverride(urllib3.util.url.PERCENT_RE)
elif hasattr(urllib3.util.url, '_PERCENT_RE'):  # urllib3 >= 2.0.0
    urllib3.util.url._PERCENT_RE = Urllib3PercentREOverride(urllib3.util.url._PERCENT_RE)
else:
    warnings.warn('Failed to patch PERCENT_RE in urllib3 (does the attribute exist?)' + bug_reports_message())

"""
Workaround for issue in urllib.util.ssl_.py: ssl_wrap_context does not pass
server_hostname to SSLContext.wrap_socket if server_hostname is an IP,
however this is an issue because we set check_hostname to True in our SSLContext.

Monkey-patching IS_SECURETRANSPORT forces ssl_wrap_context to pass server_hostname regardless.

This has been fixed in urllib3 2.0+.
See: https://github.com/urllib3/urllib3/issues/517
"""

if urllib3_version < (2, 0, 0):
    with contextlib.suppress(Exception):
        urllib3.util.IS_SECURETRANSPORT = urllib3.util.ssl_.IS_SECURETRANSPORT = True


# Requests will not automatically handle no_proxy by default
# due to buggy no_proxy handling with proxy dict [1].
# 1. https://github.com/psf/requests/issues/5000
requests.adapters.select_proxy = select_proxy


class RequestsResponseAdapter(Response):
    def __init__(self, res: requests.models.Response):
        super().__init__(
            fp=res.raw, headers=res.headers, url=res.url,
            status=res.status_code, reason=res.reason)

        self._requests_response = res

    def read(self, amt: int = None):
        try:
            # Interact with urllib3 response directly.
            return self.fp.read(amt, decode_content=True)

        # See urllib3.response.HTTPResponse.read() for exceptions raised on read
        except urllib3.exceptions.SSLError as e:
            raise SSLError(cause=e) from e

        except urllib3.exceptions.ProtocolError as e:
            # IncompleteRead is always contained within ProtocolError
            # See urllib3.response.HTTPResponse._error_catcher()
            ir_err = next(
                (err for err in (e.__context__, e.__cause__, *variadic(e.args))
                 if isinstance(err, http.client.IncompleteRead)), None)
            if ir_err is not None:
                # `urllib3.exceptions.IncompleteRead` is subclass of `http.client.IncompleteRead`
                # but uses an `int` for its `partial` property.
                partial = ir_err.partial if isinstance(ir_err.partial, int) else len(ir_err.partial)
                raise IncompleteRead(partial=partial, expected=ir_err.expected) from e
            raise TransportError(cause=e) from e

        except urllib3.exceptions.HTTPError as e:
            # catch-all for any other urllib3 response exceptions
            raise TransportError(cause=e) from e


class RequestsHTTPAdapter(requests.adapters.HTTPAdapter):
    def __init__(self, ssl_context=None, proxy_ssl_context=None, source_address=None, **kwargs):
        self._pm_args = {}
        if ssl_context:
            self._pm_args['ssl_context'] = ssl_context
        if source_address:
            self._pm_args['source_address'] = (source_address, 0)
        self._proxy_ssl_context = proxy_ssl_context or ssl_context
        super().__init__(**kwargs)

    def init_poolmanager(self, *args, **kwargs):
        return super().init_poolmanager(*args, **kwargs, **self._pm_args)

    def proxy_manager_for(self, proxy, **proxy_kwargs):
        extra_kwargs = {}
        if not proxy.lower().startswith('socks') and self._proxy_ssl_context:
            extra_kwargs['proxy_ssl_context'] = self._proxy_ssl_context
        return super().proxy_manager_for(proxy, **proxy_kwargs, **self._pm_args, **extra_kwargs)

    def cert_verify(*args, **kwargs):
        # Lean on our SSLContext for cert verification
        pass

    def _get_connection(self, request, *_, proxies=None, **__):
        # Lean on our SSLContext for cert verification
        return self.get_connection(request.url, proxies)


class RequestsSession(requests.sessions.Session):
    """
    Ensure unified redirect method handling with our urllib redirect handler.
    """

    def rebuild_method(self, prepared_request, response):
        new_method = get_redirect_method(prepared_request.method, response.status_code)

        # HACK: requests removes headers/body on redirect unless code was a 307/308.
        if new_method == prepared_request.method:
            response._real_status_code = response.status_code
            response.status_code = 308

        prepared_request.method = new_method

        # Requests fails to resolve dot segments on absolute redirect locations
        # See: https://github.com/yt-dlp/yt-dlp/issues/9020
        prepared_request.url = normalize_url(prepared_request.url)

    def rebuild_auth(self, prepared_request, response):
        # HACK: undo status code change from rebuild_method, if applicable.
        # rebuild_auth runs after requests would remove headers/body based on status code
        if hasattr(response, '_real_status_code'):
            response.status_code = response._real_status_code
            del response._real_status_code
        return super().rebuild_auth(prepared_request, response)


class Urllib3LoggingFilter(logging.Filter):

    def filter(self, record):
        # Ignore HTTP request messages since HTTPConnection prints those
        if record.msg == '%s://%s:%s "%s %s %s" %s %s':
            return False
        return True


class Urllib3LoggingHandler(logging.Handler):
    """Redirect urllib3 logs to our logger"""

    def __init__(self, logger, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self._logger = logger

    def emit(self, record):
        try:
            msg = self.format(record)
            if record.levelno >= logging.ERROR:
                self._logger.error(msg)
            else:
                self._logger.stdout(msg)

        except Exception:
            self.handleError(record)


@register_rh
class RequestsRH(RequestHandler, InstanceStoreMixin):

    """Requests RequestHandler
    https://github.com/psf/requests
    """
    _SUPPORTED_URL_SCHEMES = ('http', 'https')
    _SUPPORTED_ENCODINGS = tuple(SUPPORTED_ENCODINGS)
    _SUPPORTED_PROXY_SCHEMES = ('http', 'https', 'socks4', 'socks4a', 'socks5', 'socks5h')
    _SUPPORTED_FEATURES = (Features.NO_PROXY, Features.ALL_PROXY)
    RH_NAME = 'requests'

    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)

        # Forward urllib3 debug messages to our logger
        logger = logging.getLogger('urllib3')
        self.__logging_handler = Urllib3LoggingHandler(logger=self._logger)
        self.__logging_handler.setFormatter(logging.Formatter('requests: %(message)s'))
        self.__logging_handler.addFilter(Urllib3LoggingFilter())
        logger.addHandler(self.__logging_handler)
        # TODO: Use a logger filter to suppress pool reuse warning instead
        logger.setLevel(logging.ERROR)

        if self.verbose:
            # Setting this globally is not ideal, but is easier than hacking with urllib3.
            # It could technically be problematic for scripts embedding yt-dlp.
            # However, it is unlikely debug traffic is used in that context in a way this will cause problems.
            urllib3.connection.HTTPConnection.debuglevel = 1
            logger.setLevel(logging.DEBUG)
        # this is expected if we are using --no-check-certificate
        urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

    def close(self):
        self._clear_instances()
        # Remove the logging handler that contains a reference to our logger
        # See: https://github.com/yt-dlp/yt-dlp/issues/8922
        logging.getLogger('urllib3').removeHandler(self.__logging_handler)

    def _check_extensions(self, extensions):
        super()._check_extensions(extensions)
        extensions.pop('cookiejar', None)
        extensions.pop('timeout', None)

    def _create_instance(self, cookiejar):
        session = RequestsSession()
        http_adapter = RequestsHTTPAdapter(
            ssl_context=self._make_sslcontext(),
            source_address=self.source_address,
            max_retries=urllib3.util.retry.Retry(False),
        )
        session.adapters.clear()
        session.headers = requests.models.CaseInsensitiveDict({'Connection': 'keep-alive'})
        session.mount('https://', http_adapter)
        session.mount('http://', http_adapter)
        session.cookies = cookiejar
        session.trust_env = False  # no need, we already load proxies from env
        return session

    def _send(self, request):

        headers = self._merge_headers(request.headers)
        add_accept_encoding_header(headers, SUPPORTED_ENCODINGS)

        max_redirects_exceeded = False

        session = self._get_instance(cookiejar=self._get_cookiejar(request))

        try:
            requests_res = session.request(
                method=request.method,
                url=request.url,
                data=request.data,
                headers=headers,
                timeout=self._calculate_timeout(request),
                proxies=self._get_proxies(request),
                allow_redirects=True,
                stream=True
            )

        except requests.exceptions.TooManyRedirects as e:
            max_redirects_exceeded = True
            requests_res = e.response

        except requests.exceptions.SSLError as e:
            if 'CERTIFICATE_VERIFY_FAILED' in str(e):
                raise CertificateVerifyError(cause=e) from e
            raise SSLError(cause=e) from e

        except requests.exceptions.ProxyError as e:
            raise ProxyError(cause=e) from e

        except (requests.exceptions.ConnectionError, requests.exceptions.Timeout) as e:
            raise TransportError(cause=e) from e

        except urllib3.exceptions.HTTPError as e:
            # Catch any urllib3 exceptions that may leak through
            raise TransportError(cause=e) from e

        except requests.exceptions.RequestException as e:
            # Miscellaneous Requests exceptions. May not necessary be network related e.g. InvalidURL
            raise RequestError(cause=e) from e

        res = RequestsResponseAdapter(requests_res)

        if not 200 <= res.status < 300:
            raise HTTPError(res, redirect_loop=max_redirects_exceeded)

        return res


@register_preference(RequestsRH)
def requests_preference(rh, request):
    return 100


# Use our socks proxy implementation with requests to avoid an extra dependency.
class SocksHTTPConnection(urllib3.connection.HTTPConnection):
    def __init__(self, _socks_options, *args, **kwargs):  # must use _socks_options to pass PoolKey checks
        self._proxy_args = _socks_options
        super().__init__(*args, **kwargs)

    def _new_conn(self):
        try:
            return create_connection(
                address=(self._proxy_args['addr'], self._proxy_args['port']),
                timeout=self.timeout,
                source_address=self.source_address,
                _create_socket_func=functools.partial(
                    create_socks_proxy_socket, (self.host, self.port), self._proxy_args))
        except (socket.timeout, TimeoutError) as e:
            raise urllib3.exceptions.ConnectTimeoutError(
                self, f'Connection to {self.host} timed out. (connect timeout={self.timeout})') from e
        except SocksProxyError as e:
            raise urllib3.exceptions.ProxyError(str(e), e) from e
        except OSError as e:
            raise urllib3.exceptions.NewConnectionError(
                self, f'Failed to establish a new connection: {e}') from e


class SocksHTTPSConnection(SocksHTTPConnection, urllib3.connection.HTTPSConnection):
    pass


class SocksHTTPConnectionPool(urllib3.HTTPConnectionPool):
    ConnectionCls = SocksHTTPConnection


class SocksHTTPSConnectionPool(urllib3.HTTPSConnectionPool):
    ConnectionCls = SocksHTTPSConnection


class SocksProxyManager(urllib3.PoolManager):

    def __init__(self, socks_proxy, username=None, password=None, num_pools=10, headers=None, **connection_pool_kw):
        connection_pool_kw['_socks_options'] = make_socks_proxy_opts(socks_proxy)
        super().__init__(num_pools, headers, **connection_pool_kw)
        self.pool_classes_by_scheme = {
            'http': SocksHTTPConnectionPool,
            'https': SocksHTTPSConnectionPool
        }


requests.adapters.SOCKSProxyManager = SocksProxyManager
Commit	Line	Data
8a8b5452	1	import contextlib
	2	import functools
	3	import http.client
	4	import logging
	5	import re
	6	import socket
	7	import warnings
	8
	9	from ..dependencies import brotli, requests, urllib3
	10	from ..utils import bug_reports_message, int_or_none, variadic
35f4f764	11	from ..utils.networking import normalize_url
8a8b5452	12
	13	if requests is None:
	14	raise ImportError('requests module is not installed')
	15
	16	if urllib3 is None:
	17	raise ImportError('urllib3 module is not installed')
	18
	19	urllib3_version = tuple(int_or_none(x, default=0) for x in urllib3.__version__.split('.'))
	20
	21	if urllib3_version < (1, 26, 17):
	22	raise ImportError('Only urllib3 >= 1.26.17 is supported')
	23
c36513f1	24	if requests.__build__ < 0x023200:
c36513f1	25	raise ImportError('Only requests >= 2.32.0 is supported')
8a8b5452	26
	27	import requests.adapters
	28	import requests.utils
	29	import urllib3.connection
	30	import urllib3.exceptions
	31
	32	from ._helper import (
	33	InstanceStoreMixin,
	34	add_accept_encoding_header,
	35	create_connection,
	36	create_socks_proxy_socket,
	37	get_redirect_method,
	38	make_socks_proxy_opts,
	39	select_proxy,
	40	)
	41	from .common import (
	42	Features,
	43	RequestHandler,
	44	Response,
	45	register_preference,
	46	register_rh,
	47	)
	48	from .exceptions import (
	49	CertificateVerifyError,
	50	HTTPError,
	51	IncompleteRead,
	52	ProxyError,
	53	RequestError,
	54	SSLError,
	55	TransportError,
	56	)
	57	from ..socks import ProxyError as SocksProxyError
	58
	59	SUPPORTED_ENCODINGS = [
	60	'gzip', 'deflate'
	61	]
	62
	63	if brotli is not None:
	64	SUPPORTED_ENCODINGS.append('br')
	65
	66	"""
	67	Override urllib3's behavior to not convert lower-case percent-encoded characters
	68	to upper-case during url normalization process.
	69
	70	RFC3986 defines that the lower or upper case percent-encoded hexidecimal characters are equivalent
	71	and normalizers should convert them to uppercase for consistency [1].
	72
	73	However, some sites may have an incorrect implementation where they provide
	74	a percent-encoded url that is then compared case-sensitively.[2]
	75
	76	While this is a very rare case, since urllib does not do this normalization step, it
	77	is best to avoid it in requests too for compatability reasons.
	78
	79	1: https://tools.ietf.org/html/rfc3986#section-2.1
	80	2: https://github.com/streamlink/streamlink/pull/4003
	81	"""
	82
	83
	84	class Urllib3PercentREOverride:
	85	def __init__(self, r: re.Pattern):
	86	self.re = r
	87
	88	# pass through all other attribute calls to the original re
	89	def __getattr__(self, item):
90	return self.re.__getattribute__(item)
91
92	def subn(self, repl, string, args, *kwargs):
93	return string, self.re.subn(repl, string, args, *kwargs)[1]
94
95
96	# urllib3 >= 1.25.8 uses subn:
97	# https://github.com/urllib3/urllib3/commit/a2697e7c6b275f05879b60f593c5854a816489f0
98	import urllib3.util.url # noqa: E305
99
100	if hasattr(urllib3.util.url, 'PERCENT_RE'):
101	urllib3.util.url.PERCENT_RE = Urllib3PercentREOverride(urllib3.util.url.PERCENT_RE)
102	elif hasattr(urllib3.util.url, '_PERCENT_RE'): # urllib3 >= 2.0.0
103	urllib3.util.url._PERCENT_RE = Urllib3PercentREOverride(urllib3.util.url._PERCENT_RE)
104	else:
105	warnings.warn('Failed to patch PERCENT_RE in urllib3 (does the attribute exist?)' + bug_reports_message())
106
107	"""
108	Workaround for issue in urllib.util.ssl_.py: ssl_wrap_context does not pass
109	server_hostname to SSLContext.wrap_socket if server_hostname is an IP,
110	however this is an issue because we set check_hostname to True in our SSLContext.
111
112	Monkey-patching IS_SECURETRANSPORT forces ssl_wrap_context to pass server_hostname regardless.
113
114	This has been fixed in urllib3 2.0+.
115	See: https://github.com/urllib3/urllib3/issues/517
116	"""
117
118	if urllib3_version < (2, 0, 0):
93240fc1	119	with contextlib.suppress(Exception):
8a8b5452	120	urllib3.util.IS_SECURETRANSPORT = urllib3.util.ssl_.IS_SECURETRANSPORT = True
	121
	122
	123	# Requests will not automatically handle no_proxy by default
	124	# due to buggy no_proxy handling with proxy dict [1].
	125	# 1. https://github.com/psf/requests/issues/5000
	126	requests.adapters.select_proxy = select_proxy
	127
	128
	129	class RequestsResponseAdapter(Response):
	130	def __init__(self, res: requests.models.Response):
	131	super().__init__(
	132	fp=res.raw, headers=res.headers, url=res.url,
	133	status=res.status_code, reason=res.reason)
	134
	135	self._requests_response = res
	136
	137	def read(self, amt: int = None):
	138	try:
	139	# Interact with urllib3 response directly.
	140	return self.fp.read(amt, decode_content=True)
	141
	142	# See urllib3.response.HTTPResponse.read() for exceptions raised on read
	143	except urllib3.exceptions.SSLError as e:
	144	raise SSLError(cause=e) from e
	145
8a8b5452	146	except urllib3.exceptions.ProtocolError as e:
4e38e2ae	147	# IncompleteRead is always contained within ProtocolError
8a8b5452	148	# See urllib3.response.HTTPResponse._error_catcher()
	149	ir_err = next(
	150	(err for err in (e.__context__, e.__cause__, *variadic(e.args))
	151	if isinstance(err, http.client.IncompleteRead)), None)
	152	if ir_err is not None:
4e38e2ae SS	153	# `urllib3.exceptions.IncompleteRead` is subclass of `http.client.IncompleteRead`
	154	# but uses an `int` for its `partial` property.
	155	partial = ir_err.partial if isinstance(ir_err.partial, int) else len(ir_err.partial)
	156	raise IncompleteRead(partial=partial, expected=ir_err.expected) from e
8a8b5452	157	raise TransportError(cause=e) from e
	158
	159	except urllib3.exceptions.HTTPError as e:
	160	# catch-all for any other urllib3 response exceptions
	161	raise TransportError(cause=e) from e
	162
	163
	164	class RequestsHTTPAdapter(requests.adapters.HTTPAdapter):
	165	def __init__(self, ssl_context=None, proxy_ssl_context=None, source_address=None, **kwargs):
	166	self._pm_args = {}
	167	if ssl_context:
	168	self._pm_args['ssl_context'] = ssl_context
	169	if source_address:
	170	self._pm_args['source_address'] = (source_address, 0)
	171	self._proxy_ssl_context = proxy_ssl_context or ssl_context
	172	super().__init__(**kwargs)
	173
	174	def init_poolmanager(self, args, *kwargs):
	175	return super().init_poolmanager(args, kwargs, *self._pm_args)
	176
	177	def proxy_manager_for(self, proxy, **proxy_kwargs):
	178	extra_kwargs = {}
	179	if not proxy.lower().startswith('socks') and self._proxy_ssl_context:
	180	extra_kwargs['proxy_ssl_context'] = self._proxy_ssl_context
	181	return super().proxy_manager_for(proxy, proxy_kwargs, self._pm_args, **extra_kwargs)
	182
	183	def cert_verify(args, *kwargs):
c36513f1	184	# Lean on our SSLContext for cert verification
8a8b5452	185	pass
8a8b5452	186
c36513f1	187	def _get_connection(self, request, _, proxies=None, *__):
	188	# Lean on our SSLContext for cert verification
	189	return self.get_connection(request.url, proxies)
	190
8a8b5452	191
	192	class RequestsSession(requests.sessions.Session):
	193	"""
	194	Ensure unified redirect method handling with our urllib redirect handler.
	195	"""
f9fb3ce8	196
8a8b5452	197	def rebuild_method(self, prepared_request, response):
	198	new_method = get_redirect_method(prepared_request.method, response.status_code)
	199
	200	# HACK: requests removes headers/body on redirect unless code was a 307/308.
	201	if new_method == prepared_request.method:
	202	response._real_status_code = response.status_code
	203	response.status_code = 308
	204
	205	prepared_request.method = new_method
	206
35f4f764	207	# Requests fails to resolve dot segments on absolute redirect locations
	208	# See: https://github.com/yt-dlp/yt-dlp/issues/9020
	209	prepared_request.url = normalize_url(prepared_request.url)
	210
8a8b5452	211	def rebuild_auth(self, prepared_request, response):
	212	# HACK: undo status code change from rebuild_method, if applicable.
	213	# rebuild_auth runs after requests would remove headers/body based on status code
	214	if hasattr(response, '_real_status_code'):
	215	response.status_code = response._real_status_code
	216	del response._real_status_code
	217	return super().rebuild_auth(prepared_request, response)
	218
	219
	220	class Urllib3LoggingFilter(logging.Filter):
	221
	222	def filter(self, record):
	223	# Ignore HTTP request messages since HTTPConnection prints those
	224	if record.msg == '%s://%s:%s "%s %s %s" %s %s':
	225	return False
	226	return True
	227
	228
	229	class Urllib3LoggingHandler(logging.Handler):
	230	"""Redirect urllib3 logs to our logger"""
f9fb3ce8	231
8a8b5452	232	def __init__(self, logger, args, *kwargs):
	233	super().__init__(args, *kwargs)
	234	self._logger = logger
	235
	236	def emit(self, record):
	237	try:
	238	msg = self.format(record)
	239	if record.levelno >= logging.ERROR:
	240	self._logger.error(msg)
	241	else:
	242	self._logger.stdout(msg)
	243
	244	except Exception:
	245	self.handleError(record)
	246
	247
	248	@register_rh
	249	class RequestsRH(RequestHandler, InstanceStoreMixin):
	250
	251	"""Requests RequestHandler
	252	https://github.com/psf/requests
	253	"""
	254	_SUPPORTED_URL_SCHEMES = ('http', 'https')
	255	_SUPPORTED_ENCODINGS = tuple(SUPPORTED_ENCODINGS)
	256	_SUPPORTED_PROXY_SCHEMES = ('http', 'https', 'socks4', 'socks4a', 'socks5', 'socks5h')
	257	_SUPPORTED_FEATURES = (Features.NO_PROXY, Features.ALL_PROXY)
	258	RH_NAME = 'requests'
	259
	260	def __init__(self, args, *kwargs):
	261	super().__init__(args, *kwargs)
	262
	263	# Forward urllib3 debug messages to our logger
	264	logger = logging.getLogger('urllib3')
0085e2ba	265	self.__logging_handler = Urllib3LoggingHandler(logger=self._logger)
	266	self.__logging_handler.setFormatter(logging.Formatter('requests: %(message)s'))
	267	self.__logging_handler.addFilter(Urllib3LoggingFilter())
	268	logger.addHandler(self.__logging_handler)
b012271d SS	269	# TODO: Use a logger filter to suppress pool reuse warning instead
b012271d SS	270	logger.setLevel(logging.ERROR)
8a8b5452	271
	272	if self.verbose:
	273	# Setting this globally is not ideal, but is easier than hacking with urllib3.
	274	# It could technically be problematic for scripts embedding yt-dlp.
	275	# However, it is unlikely debug traffic is used in that context in a way this will cause problems.
	276	urllib3.connection.HTTPConnection.debuglevel = 1
	277	logger.setLevel(logging.DEBUG)
	278	# this is expected if we are using --no-check-certificate
	279	urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
	280
	281	def close(self):
	282	self._clear_instances()
0085e2ba	283	# Remove the logging handler that contains a reference to our logger
	284	# See: https://github.com/yt-dlp/yt-dlp/issues/8922
	285	logging.getLogger('urllib3').removeHandler(self.__logging_handler)
8a8b5452	286
	287	def _check_extensions(self, extensions):
	288	super()._check_extensions(extensions)
	289	extensions.pop('cookiejar', None)
	290	extensions.pop('timeout', None)
	291
	292	def _create_instance(self, cookiejar):
	293	session = RequestsSession()
	294	http_adapter = RequestsHTTPAdapter(
	295	ssl_context=self._make_sslcontext(),
	296	source_address=self.source_address,
	297	max_retries=urllib3.util.retry.Retry(False),
	298	)
	299	session.adapters.clear()
	300	session.headers = requests.models.CaseInsensitiveDict({'Connection': 'keep-alive'})
	301	session.mount('https://', http_adapter)
	302	session.mount('http://', http_adapter)
	303	session.cookies = cookiejar
	304	session.trust_env = False # no need, we already load proxies from env
	305	return session
	306
	307	def _send(self, request):
	308
	309	headers = self._merge_headers(request.headers)
	310	add_accept_encoding_header(headers, SUPPORTED_ENCODINGS)
	311
	312	max_redirects_exceeded = False
	313
52f5be1f	314	session = self._get_instance(cookiejar=self._get_cookiejar(request))
8a8b5452	315
	316	try:
	317	requests_res = session.request(
	318	method=request.method,
	319	url=request.url,
	320	data=request.data,
	321	headers=headers,
52f5be1f	322	timeout=self._calculate_timeout(request),
52f5be1f	323	proxies=self._get_proxies(request),
8a8b5452	324	allow_redirects=True,
	325	stream=True
	326	)
	327
	328	except requests.exceptions.TooManyRedirects as e:
	329	max_redirects_exceeded = True
	330	requests_res = e.response
	331
	332	except requests.exceptions.SSLError as e:
	333	if 'CERTIFICATE_VERIFY_FAILED' in str(e):
	334	raise CertificateVerifyError(cause=e) from e
	335	raise SSLError(cause=e) from e
	336
	337	except requests.exceptions.ProxyError as e:
	338	raise ProxyError(cause=e) from e
	339
	340	except (requests.exceptions.ConnectionError, requests.exceptions.Timeout) as e:
	341	raise TransportError(cause=e) from e
	342
	343	except urllib3.exceptions.HTTPError as e:
	344	# Catch any urllib3 exceptions that may leak through
	345	raise TransportError(cause=e) from e
	346
	347	except requests.exceptions.RequestException as e:
	348	# Miscellaneous Requests exceptions. May not necessary be network related e.g. InvalidURL
	349	raise RequestError(cause=e) from e
	350
	351	res = RequestsResponseAdapter(requests_res)
	352
	353	if not 200 <= res.status < 300:
	354	raise HTTPError(res, redirect_loop=max_redirects_exceeded)
	355
	356	return res
	357
	358
	359	@register_preference(RequestsRH)
	360	def requests_preference(rh, request):
	361	return 100
	362
	363
	364	# Use our socks proxy implementation with requests to avoid an extra dependency.
	365	class SocksHTTPConnection(urllib3.connection.HTTPConnection):
	366	def __init__(self, _socks_options, args, *kwargs): # must use _socks_options to pass PoolKey checks
	367	self._proxy_args = _socks_options
	368	super().__init__(args, *kwargs)
	369
	370	def _new_conn(self):
	371	try:
	372	return create_connection(
	373	address=(self._proxy_args['addr'], self._proxy_args['port']),
	374	timeout=self.timeout,
	375	source_address=self.source_address,
	376	_create_socket_func=functools.partial(
	377	create_socks_proxy_socket, (self.host, self.port), self._proxy_args))
	378	except (socket.timeout, TimeoutError) as e:
	379	raise urllib3.exceptions.ConnectTimeoutError(
	380	self, f'Connection to {self.host} timed out. (connect timeout={self.timeout})') from e
	381	except SocksProxyError as e:
	382	raise urllib3.exceptions.ProxyError(str(e), e) from e
f9fb3ce8	383	except OSError as e:
8a8b5452	384	raise urllib3.exceptions.NewConnectionError(
	385	self, f'Failed to establish a new connection: {e}') from e
	386
	387
	388	class SocksHTTPSConnection(SocksHTTPConnection, urllib3.connection.HTTPSConnection):
	389	pass
	390
	391
	392	class SocksHTTPConnectionPool(urllib3.HTTPConnectionPool):
	393	ConnectionCls = SocksHTTPConnection
	394
	395
	396	class SocksHTTPSConnectionPool(urllib3.HTTPSConnectionPool):
	397	ConnectionCls = SocksHTTPSConnection
	398
	399
	400	class SocksProxyManager(urllib3.PoolManager):
	401
	402	def __init__(self, socks_proxy, username=None, password=None, num_pools=10, headers=None, **connection_pool_kw):
	403	connection_pool_kw['_socks_options'] = make_socks_proxy_opts(socks_proxy)
	404	super().__init__(num_pools, headers, **connection_pool_kw)
	405	self.pool_classes_by_scheme = {
	406	'http': SocksHTTPConnectionPool,
	407	'https': SocksHTTPSConnectionPool
	408	}
	409
	410
	411	requests.adapters.SOCKSProxyManager = SocksProxyManager