From 01220354d389cd05474713f8c982d05c9b17aafb Mon Sep 17 00:00:00 2001
From: Seth Michael Larson <sethmichaellarson@gmail.com>
Date: Mon, 2 Oct 2023 11:43:46 -0500
Subject: [PATCH] Backport GHSA-v845-jxx5-vc9f (#3139)

Co-authored-by: Quentin Pradet <quentin.pradet@gmail.com>
Co-authored-by: Illia Volochii <illia.volochii@gmail.com>

Conflict:NA
Reference:https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb

---
 src/pip/_vendor/urllib3/util/retry.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/pip/_vendor/urllib3/util/retry.py b/src/pip/_vendor/urllib3/util/retry.py
index c7dc42f..c7c0427 100644
--- a/src/pip/_vendor/urllib3/util/retry.py
+++ b/src/pip/_vendor/urllib3/util/retry.py
@@ -217,7 +217,7 @@ class Retry(object):
     RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
 
     #: Default headers to be used for ``remove_headers_on_redirect``
-    DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Authorization"])
+    DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"])
 
     #: Maximum backoff time.
     BACKOFF_MAX = 120