Fix handling of redirects with authentication

[PLPeeters]

What do these changes do?

They make the client ignore auth clashes that are solely due to redirects, in addition to having redirect authentication take precedence over previously set authentication.

Are there changes in behavior for the user?

Users will no longer get a ValueError if a website suddenly includes multiple authenticated URLs in its redirect chain (see #9436 for an example).

While writing the test, I also wondered what should happen if we already have authentication set and get new authentication in a redirect URL. Mimicking what Chrome seems to be doing in this case, I opted to supersede the auth with that of the redirect. We can of course discuss this and tweak it if needed. I'm also on the fence on whether this warrants a separate PR, so I bundled it for now.

Is it a substantial burden for the maintainers to support this?

Probably not.

Related issue number

Fixes #9436

Checklist

• I think the code is well written
• Unit tests for the changes exist
• Documentation reflects the changes
• If you provide code modification, please add yourself to CONTRIBUTORS.txt
  • The format is <Name> <Surname>.
  • Please keep alphabetical order, the file is sorted by names.
• Add a new news fragment into the CHANGES/ folder

  • name it <issue_or_pr_num>.<type>.rst (e.g. 588.bugfix.rst)

  • if you don't have an issue number, change it to the pull request
    number after creating the PR

    • .bugfix: A bug fix for something the maintainers deemed an
      improper undesired behavior that got corrected to match
      pre-agreed expectations.
    • .feature: A new behavior, public APIs. That sort of stuff.
    • .deprecation: A declaration of future API removals and breaking
      changes in behavior.
    • .breaking: When something public is removed in a breaking way.
      Could be deprecated in an earlier release.
    • .doc: Notable updates to the documentation structure or build
      process.
    • .packaging: Notes for downstreams about unobvious side effects
      and tooling. Changes in the test invocation considerations and
      runtime assumptions.
    • .contrib: Stuff that affects the contributor experience. e.g.
      Running tests, building the docs, setting up the development
      environment.
    • .misc: Changes that are hard to assign to any of the above
      categories.

  • Make sure to use full sentences with correct case and punctuation,
    for example:

    Fixed issue with non-ascii contents in doctest text files
    -- by :user:`contributor-gh-handle`.

    Use the past tense or the present tense a non-imperative mood,
    referring to what's changed compared to the last released version
    of this project.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 98.59%. Comparing base (13dc020) to head (be3fea9).
Report is 1 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #9443   +/-   ##
=======================================
  Coverage   98.59%   98.59%           
=======================================
  Files         105      105           
  Lines       35097    35121   +24     
  Branches     4179     4181    +2     
=======================================
+ Hits        34604    34628   +24     
  Misses        329      329           
  Partials      164      164           

Flag	Coverage Δ
CI-GHA	98.47% <100.00%> (+<0.01%)	⬆️
OS-Linux	98.14% <100.00%> (+<0.01%)	⬆️
OS-Windows	96.53% <100.00%> (+<0.01%)	⬆️
OS-macOS	97.83% <100.00%> (+<0.01%)	⬆️
Py-3.10.11	97.70% <100.00%> (+<0.01%)	⬆️
Py-3.10.15	97.63% <100.00%> (+<0.01%)	⬆️
Py-3.11.10	97.70% <100.00%> (+<0.01%)	⬆️
Py-3.11.9	97.78% <100.00%> (-0.01%)	⬇️
Py-3.12.7	98.19% <100.00%> (+<0.01%)	⬆️
Py-3.13.0	98.18% <100.00%> (+<0.01%)	⬆️
Py-3.9.13	97.60% <100.00%> (+<0.01%)	⬆️
Py-3.9.20	97.53% <100.00%> (+<0.01%)	⬆️
Py-pypy7.3.16	97.16% <100.00%> (+<0.01%)	⬆️
VM-macos	97.83% <100.00%> (+<0.01%)	⬆️
VM-ubuntu	98.14% <100.00%> (+<0.01%)	⬆️
VM-windows	96.53% <100.00%> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[PLPeeters]

@webknjaz Is anything still required on my end to get this merged?

[webknjaz]

Is anything still required on my end to get this merged?

All's good on my side. It'd be nice to have a docstring in the test function, but that's minor. I'll let somebody else merge, though.

[bdraco]

That proxy test is flakey. I restarted the CI. I'm just about to walk out the door though so will check it when I get back home

[bdraco]

If everything passes, I'll throw it on production and make sure there aren't any unexpected side effects as soon as I have some spare cycles