cURL / Mailing Lists / curl-library / Single Mail


Re: URL with @ in passwords

From: Guenter Knauf <>
Date: Wed, 28 Jul 2004 22:39:42 +0200

Hi Gisle,
> Could a url like this be legalised?

>> curl -v
> * Couldn't find host in the .netrc file, using defaults
> * Could not resolve host:; Host not found
> * Closing connection #0
> curl: (6) Could not resolve host:; Host not found

> Internet Explorer v6 doesn't parse it. But Mozilla FireFox 0.8 and
> the ftp client in my 4NT shell does. Can't see why curl should be
> any worse.

from RFC 1738:

3.1. Common Internet Scheme Syntax

   While the syntax for the rest of the URL may vary depending on the
   particular scheme selected, URL schemes that involve the direct use
   of an IP-based protocol to a specified host on the Internet use a
   common syntax for the scheme-specific data:


   Some or all of the parts "<user>:<password>@", ":<password>",
   ":<port>", and "/<url-path>" may be excluded. The scheme specific
   data start with a double slash "//" to indicate that it complies with
   the common Internet scheme syntax. The different components obey the
   following rules:

        An optional user name. Some schemes (e.g., ftp) allow the
        specification of a user name.

        An optional password. If present, it follows the user
        name separated from it by a colon.

   The user name (and password), if present, are followed by a
   commercial at-sign "@". Within the user and password field, any ":",
   "@", or "/" must be encoded.

Received on 2004-07-28