cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: URL with @ in passwords

From: Goetz Babin-Ebell <gbabinebell_at_betrusted.com>
Date: Thu, 29 Jul 2004 18:31:10 +0200

Hello Gisle,

Gisle Vanem wrote:
> "Daniel Stenberg" <daniel-curl_at_haxx.se> wrote:
>
>>>Could a url like this be legalised?
>>>
>>>>curl -v ftp://ftp:passwd-with-@-in-it@host.foo/
>>
>>It could possibly be dealt with, if we made the parser scan for the _last_
>>@-letter to terminate the password instead of having the _first_ @-letter
>>found do it.
>
> You mean the last '@' before the file part? So an URL
> ftp://ftp:passwd-with-@-in-it@host.foo/file-with-@-in-it
>
> would work.

And how would you want to identify the file part ?

Don't forget something like

ftp://ftp:passwd-with-@./-in-it@host.foo/file-with-@-in-it

I think you have opened a can of worms...

It seems the only way to handle this is
to remove user ID and pass phrase from the URI.
With user ID and pass phrase given seperately:

curl -v -u user:passwd-with-_at_./-in-it fttp://host.fo/file-with-_at_-in-it

Bye

Goetz

-- 
Goetz Babin-Ebell, software designer,
TC TrustCenter AG, Sonninstr. 24-28, 20097 Hamburg, Germany
Office: +49-(0)40 80 80 26 -0,  Fax: +49-(0)40 80 80 26 -126
www.trustcenter.de www.betrusted.com

Received on 2004-07-30