118344 – Serialization of empty string password in URL

Bug 118344 - Serialization of empty string password in URL

Summary: Serialization of empty string password in URL

Status:	RESOLVED INVALID

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-07-03 01:47 PDT by Anne van Kesteren
Modified:	2023-04-05 09:56 PDT (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Anne van Kesteren 2013-07-03 01:47:08 PDT

I ran the serialization tests of bug 104919 against the URL Standard. I feel that the password being the empty string should be preserved. That is, http://:@apple.com/ should not become http://apple.com/. That would be more in line with RFC 3986 and Gecko.

Comment 1 Alexey Proskuryakov 2013-07-03 10:10:41 PDT

I'm not sure about the case above where username is also empty. But I tend to agree for "http://a:@www.apple.com".

Comment 2 Anne van Kesteren 2023-04-05 09:56:32 PDT

The URL Standard changed on this apparently:

https://url.spec.whatwg.org/#concept-url-serializer
https://jsdom.github.io/whatwg-url/#url=aHR0cDovLzpAYXBwbGUuY29tLw==&base=YWJvdXQ6Ymxhbms=