GHSA-JWQP-28GF-P498 Scrapy HTTP authentication credentials potentially leaked to target websites
Impact If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, such as robots.txt requests sent by Scrapy when the ROBOTSTXTOBEY...