Re: http-uri like http://user:firstname.lastname@example.org/index.html
Date: Sat, 31 Jul 2004 08:56:39 +0200 (CEST)
On Fri, 30 Jul 2004, Maurice Koster wrote:
> When passing a URI like http://user:email@example.com/index.html the HTTP
> Request header looks like:
> GET http://user:firstname.lastname@example.org/index.html HTTP/1.1\r\n
> Authorization: Basic Zmjechskdhsi==\r\n
You're using a proxy for this, right?
> Here Authorization is correctly filled, but 'user:passwd@' is not stripped
> from the URI of the GET. This is not according to spec (rfc2616 sec. 3.2.2)
Well, HTTP URLs don't actually contain user+password, so that's wrong in the
first place. libcurl however has been supporting user+password in HTTP URLs
since a long time.
> Is this a bug?
It seems so, yes.
-- Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se Dedicated custom curl help for hire: http://haxx.se/curl.htmlReceived on 2004-07-31