The Fix
pip install urllib3==1.25.11
Based on closed urllib3/urllib3 issue #800 · PR/commit linked
@@ -1,4 +1,5 @@
@@ -1,4 +1,5 @@
from __future__ import absolute_import
+from email.errors import StartBoundaryNotFoundDefect, MultipartInvariantViolationDefect
from ..packages.six.moves import http_client as httplib
repro.py
import requests, logging
logging.basicConfig(level=logging.WARNING)
logging.getLogger("requests").setLevel(logging.DEBUG)
headers = {'accept': "multipart/mixed"}
r = requests.get("http://localhost:8124/cgi-bin/mpm.pl", headers=headers)
print(r)
verify
Re-run the minimal reproduction on your broken version, then apply the fix and re-run.
fix.md
Option A — Upgrade to fixed release\npip install urllib3==1.25.11\nWhen NOT to use: This fix should not be applied if actual multipart parsing issues are present.\n\n
Why This Fix Works in Production
- Trigger: DEBUG:requests.packages.urllib3.connectionpool:"GET http://localhost:8124/cgi-bin/mpm.pl HTTP/1.1" 200 178
- Mechanism: Multipart responses were incorrectly triggering header parsing warnings due to defects in the email parser
- Why the fix works: Addresses the multipart errors that are showing up in urllib by removing false warnings related to multipart responses. (first fixed release: 1.25.11).
Why This Breaks in Prod
- Shows up under Python 3.4 in real deployments (not just unit tests).
- Multipart responses were incorrectly triggering header parsing warnings due to defects in the email parser
- Surfaces as: DEBUG:requests.packages.urllib3.connectionpool:"GET http://localhost:8124/cgi-bin/mpm.pl HTTP/1.1" 200 178
Proof / Evidence
- GitHub issue: #800
- Fix PR: https://github.com/urllib3/urllib3/pull/1665
- First fixed release: 1.25.11
- Reproduced locally: No (not executed)
- Last verified: 2026-02-09
- Confidence: 0.85
- Did this fix it?: Yes (upstream fix exists)
- Own content ratio: 0.49
Discussion
High-signal excerpts from the issue thread (symptoms, repros, edge-cases).
“Same with azure https://github.com/Azure/azure-storage-python/issues/167”
“As of 2019, I can confirm this issue still exists, particularly while using boto3 on AWS Lambda. It's very random to be honest.”
“I think this traces all the way back to the email/rfc822 parser, and how it's trying to track your header”
“Actually I'm mistaken, nevermind. (Deleted comment)”
Failure Signature (Search String)
- DEBUG:requests.packages.urllib3.connectionpool:"GET http://localhost:8124/cgi-bin/mpm.pl HTTP/1.1" 200 178
Error Message
Stack trace
error.txt
Error Message
-------------
DEBUG:requests.packages.urllib3.connectionpool:"GET http://localhost:8124/cgi-bin/mpm.pl HTTP/1.1" 200 178
WARNING:requests.packages.urllib3.connectionpool:Failed to parse headers (url=http://localhost:8888/http://localhost:8124/cgi-bin/mpm.pl): [StartBoundaryNotFoundDefect(), MultipartInvariantViolationDefect()], unparsed data: ''
Traceback (most recent call last):
File "/home/ndw/.virtualenvs/pyapi/lib/python3.4/site-packages/requests-2.8.0-py3.4.egg/requests/packages/urllib3/connectionpool.py", line 390, in _make_request
assert_header_parsing(httplib_response.msg)
File "/home/ndw/.virtualenvs/pyapi/lib/python3.4/site-packages/requests-2.8.0-py3.4.egg/requests/packages/urllib3/util/response.py", line 58, in assert_header_parsing
raise HeaderParsingError(defects=defects, unparsed_data=unparsed_data)
requests.packages.urllib3.exceptions.HeaderParsingError: [StartBoundaryNotFoundDefect(), MultipartInvariantViolationDefect()], unparsed data: ''
Minimal Reproduction
repro.py
import requests, logging
logging.basicConfig(level=logging.WARNING)
logging.getLogger("requests").setLevel(logging.DEBUG)
headers = {'accept': "multipart/mixed"}
r = requests.get("http://localhost:8124/cgi-bin/mpm.pl", headers=headers)
print(r)
Environment
- Python: 3.4
What Broke
Warnings about multipart responses clutter logs, causing confusion during debugging.
Why It Broke
Multipart responses were incorrectly triggering header parsing warnings due to defects in the email parser
Fix Options (Details)
Option A — Upgrade to fixed release Safe default (recommended)
pip install urllib3==1.25.11
When NOT to use: This fix should not be applied if actual multipart parsing issues are present.
Use when you can deploy the upstream fix. It is usually lower-risk than long-lived workarounds.
Fix reference: https://github.com/urllib3/urllib3/pull/1665
First fixed release: 1.25.11
Last verified: 2026-02-09. Validate in your environment.
When NOT to Use This Fix
- This fix should not be applied if actual multipart parsing issues are present.
Verify Fix
verify
Re-run the minimal reproduction on your broken version, then apply the fix and re-run.
Did This Fix Work in Your Case?
Quick signal helps us prioritize which fixes to verify and improve.
Prevention
- Add a CI check that diffs key outputs after upgrades (OpenAPI schema snapshots, JSON payload shapes, CLI output).
- Upgrade behind a canary and run integration tests against the canary before 100% rollout.
- Track RSS + object counts after deployments; alert on monotonic growth and GC pressure.
- Add a long-running test that repeats the failing call path and asserts stable memory.
Version Compatibility Table
| Version | Status |
|---|---|
| 1.25.11 | Fixed |
Related Issues
No related fixes found.
Sources
We don’t republish the full GitHub discussion text. Use the links above for context.