26340 – Ignoring username and password from the base URL?

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 26340 - Ignoring username and password from the base URL?

Summary: Ignoring username and password from the base URL?

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	WHATWG
Classification:	Unclassified
Component:	URL (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	P2 normal
Target Milestone:	Unsorted
Assignee:	Anne
QA Contact:	sideshowbarker+urlspec

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-07-15 18:34 UTC by Simon Sapin
Modified:	2015-07-04 14:21 UTC (History)
CC List:	1 user (show)

See Also:

Attachments

Description Simon Sapin 2014-07-15 18:34:48 UTC

In various places of the URL parser, the "missing pieces" of a relative are filled in from the base URL. For example, in relative state:

> EOF code point
> Set url's host to base's host, url's port to base's port, url's path to base's path, and url's query to base's query.

The base URL’s username and password are always ignored. Is this deliberate?

Comment 1 Anne 2014-07-28 13:21:21 UTC

Yes. Unless you have evidence to the contrary, of course.

Comment 2 Simon Sapin 2015-07-04 14:21:40 UTC

For future archaeologists: https://github.com/whatwg/url/commit/06b2e6895dff2e6efaeba65f4eb1bc27ecc21581