nginx 400 error when username included in the uri

Michael Ching michaelc at wush.net
Wed Aug 20 22:57:50 MSD 2008


Igor Sysoev wrote:
> This patch ignores  user only in "http://user@host".
> Should password in "http://user:password@host" be ignored too ?
>   
Thank you for taking a look.  You raise a good point.  More generally, 
it would also error if the username included any characters invalid for 
a hostname.  Working on a more complete fix.





More information about the nginx mailing list