RFR: 8029354: URLPermission.<init> throws llegalArgumentException: Invalid characters in hostname
Weijun Wang
weijun.wang at oracle.com
Mon Dec 2 04:17:12 PST 2013
On 12/2/13, 19:00, Michael McMahon wrote:
> It looks like userinfo is not permitted in http URLs anyway (in rfc
> 2616). And even if clients
> are permissive about allowing it, any userinfo would most likely not be
> seen by a server
> since the request URI only contains the path component of the original URI.
Of course not, password should no be sent to the server in this way. My
understanding is that it will be used by the browser when server
requests for authentication.
--Max
>
> I need to look at the bug report, to see how this situation arose in the
> first place.
>
> Michael
>
> On 02/12/13 10:41, Weijun Wang wrote:
>> Is it possible to just ignore the userinfo part? I wonder if people
>> will complain why "user:pass" is not the same as "user".
>>
>> --Max
>>
>> On 12/2/13, 18:00, Michael McMahon wrote:
>>>> This means http://example.com does not imply
>>>> http://someone@example.com. Is this intended?
>>
>>>>> http://cr.openjdk.java.net/~michaelm/8029354/webrev.1/
>
More information about the net-dev
mailing list