Re: Specifying colon in authentication username
Date: Fri, 7 Sep 2007 09:15:36 -0400
On Tue, Sep 04, 2007 at 10:15:32AM -0400, Achint Mehta wrote:
> I am using the 7.16.3 version of curl library.
> Curl library's C API provides interface for specifying authentication
> username and password.
> However, the username and password have to be provided in a single API with
> username and password separated with a colon.
> This assumes that the username would not contain colon.
> Is there any way that I can specify a username conatining a colon (or is it
> a violation of protocol) ?
I've seen the various responses to this mail, but I am a bit confused.
It seems that at least for basic auth, it would indeed be a violation
of the protocol to have a userid with a colon in it. The spec even
goes so far as to define things with the userid explicitly excluded:
user-pass = userid ":" password
userid = *<TEXT excluding ":">
password = *TEXT
This grammar implies that there could be a password with a colon in it
for basic auth (since the first colon must be the delimiter in
user-pass), but not a userid.
Are you doing digest auth, rather than basic?
Received on 2007-09-07