Requests is a Non-GMO HTTP library for Python
Affected versions of this package are vulnerable to Information Exposure. Upon receiving a same-hostname https-to-http redirect, it sends the HTTP Authorization header to an http URI. This makes it easier for remote attackers to discover credentials by sniffing the network.
request to version 2.20 or higher.