Respect trust_env on redirect.

diff --git a/requests/sessions.py b/requests/sessions.py
index 531fd667de1a885e127489c384e08b6c9f30bfe6..ae7390c5b878f27061b1cfdd7e9c3fd8355be69f 100644 (file)
--- a/requests/sessions.py
+++ b/requests/sessions.py
@@ -169,7 +169,7 @@ class SessionRedirectMixin(object):
 
             # However, .netrc might have more auth for us. Let's get it if it
             # does.
-            new_auth = get_netrc_auth(url)
+            new_auth = get_netrc_auth(url) if self.trust_env else None
             if new_auth is not None:
                 prepared_request.prepare_auth(new_auth)