nginx 400 error when username included in the uri
mike503 at gmail.com
Thu Aug 21 02:43:59 MSD 2008
isn't http://user:password@host now deprecated?
only IE supports that now pre-SP2 / patched right?
(not that i agree with it, but afaik it is not in RFC spec)
originally i had thought there was a generic URI RFC spec
where scheme can be telnet, ssh, http, https, scp, fastcgi, whatever
the programs require...
On 8/20/08, Michael Ching <michaelc at wush.net> wrote:
> Igor Sysoev wrote:
> > This patch ignores user only in "http://user@host".
> > Should password in "http://user:password@host" be ignored too ?
> Thank you for taking a look. You raise a good point. More generally, it
> would also error if the username included any characters invalid for a
> hostname. Working on a more complete fix.
More information about the nginx