The Fix
Handles URL quoting for username and password components in proxy authentication strings, allowing special characters to be properly encoded.
Based on closed encode/httpx issue #858 · PR/commit linked
Production note: Most teams hit this during upgrades or environment changes. Roll out with a canary and smoke critical endpoints (health, OpenAPI/docs) before 100%.
@@ -7,7 +7,7 @@
from collections.abc import MutableMapping
from http.cookiejar import Cookie, CookieJar
-from urllib.parse import parse_qsl, urlencode
+from urllib.parse import parse_qsl, quote, unquote, urlencode
Option A — Apply the official fix\nHandles URL quoting for username and password components in proxy authentication strings, allowing special characters to be properly encoded.\nWhen NOT to use: This fix should not be used if the application does not require special character handling in proxy authentication.\n\n
Why This Fix Works in Production
- Trigger: Certain characters such as @:!#$ break proxy authentication strings when included without url-encoding them.
- Mechanism: Certain characters in proxy authentication strings are not properly URL-encoded, causing issues with URI parsing
- If left unfixed, the same config can fail only in production (env differences), causing startup failures or partial feature outages.
Why This Breaks in Prod
- Certain characters in proxy authentication strings are not properly URL-encoded, causing issues with URI parsing
- Production symptom (often without a traceback): Certain characters such as @:!#$ break proxy authentication strings when included without url-encoding them.
Proof / Evidence
- GitHub issue: #858
- Fix PR: https://github.com/encode/httpx/pull/1159
- Reproduced locally: No (not executed)
- Last verified: 2026-02-11
- Confidence: 0.70
- Did this fix it?: Yes (upstream fix exists)
- Own content ratio: 0.75
Discussion
High-signal excerpts from the issue thread (symptoms, repros, edge-cases).
“Certain characters such as @:!#$ break proxy authentication strings when included without url-encoding them. I'm dealing with a service account that has # in the password and httpx is unable handle this. # breaks the URI and %23 is sent lit”
Failure Signature (Search String)
- Certain characters such as @:!#$ break proxy authentication strings when included without url-encoding them.
- I'm dealing with a service account that has # in the password and httpx is unable handle this. # breaks the URI and %23 is sent literal.
Copy-friendly signature
Failure Signature
-----------------
Certain characters such as @:!#$ break proxy authentication strings when included without url-encoding them.
I'm dealing with a service account that has # in the password and httpx is unable handle this. # breaks the URI and %23 is sent literal.
Error Message
Signature-only (no traceback captured)
Error Message
-------------
Certain characters such as @:!#$ break proxy authentication strings when included without url-encoding them.
I'm dealing with a service account that has # in the password and httpx is unable handle this. # breaks the URI and %23 is sent literal.
What Broke
Proxy authentication fails when special characters are included without URL encoding, leading to connection errors.
Why It Broke
Certain characters in proxy authentication strings are not properly URL-encoded, causing issues with URI parsing
Fix Options (Details)
Option A — Apply the official fix
Handles URL quoting for username and password components in proxy authentication strings, allowing special characters to be properly encoded.
Fix reference: https://github.com/encode/httpx/pull/1159
Last verified: 2026-02-11. Validate in your environment.
When NOT to Use This Fix
- This fix should not be used if the application does not require special character handling in proxy authentication.
Did This Fix Work in Your Case?
Quick signal helps us prioritize which fixes to verify and improve.
Prevention
- Add a CI check that diffs key outputs after upgrades (OpenAPI schema snapshots, JSON payload shapes, CLI output).
- Upgrade behind a canary and run integration tests against the canary before 100% rollout.
Related Issues
No related fixes found.
Sources
We don’t republish the full GitHub discussion text. Use the links above for context.