- From: Willy Tarreau <w@1wt.eu>
- Date: Mon, 27 Jan 2020 16:32:34 +0100
- To: Daniel Stenberg <daniel@haxx.se>
- Cc: Rick van Rein <rick@openfortress.nl>, James Fuller <jim@webcomposite.com>, Austin Wright <aaa@bzfx.net>, "HTTPbis WG (IETF)" <ietf-http-wg@w3.org>
On Mon, Jan 27, 2020 at 01:40:51PM +0100, Daniel Stenberg wrote: > On Mon, 27 Jan 2020, Rick van Rein wrote: > > > Browsers have no consistency in this usage pattern, so this is > > definately a niche. > > Yes, but a niche with potentially a large amount of users. > > And in fact, it sends the user name without a password in a HTTP header, > which is... well, what you ask for. =) Actually the only valid use case I've ever had for user[+pass] in URIs were for FTP URIs that I was typing in browsers (or following links to download stuff from various places). I'm not even sure browsers still support FTP URIs nowadays ;-) Willy
Received on Monday, 27 January 2020 15:32:45 UTC