On 12/2/13, 19:00, Michael McMahon wrote:
It looks like userinfo is not permitted in http URLs anyway (in rfc
2616). And even if clients
are permissive about allowing it, any userinfo would most likely not be
seen by a server
since the request URI only contains the path component of the original URI.
Of course not, password should no be sent to the server in this way. My
understanding is that it will be used by the browser when server
requests for authentication.
--Max
I need to look at the bug report, to see how this situation arose in the
first place.
Michael
On 02/12/13 10:41, Weijun Wang wrote:
Is it possible to just ignore the userinfo part? I wonder if people
will complain why "user:pass" is not the same as "user".
--Max
On 12/2/13, 18:00, Michael McMahon wrote:
This means http://example.com does not imply
http://some...@example.com. Is this intended?
http://cr.openjdk.java.net/~michaelm/8029354/webrev.1/
