Re: Username and password in URL stopped working with proxy

On Wednesday 14 August 2019 at 23:35:47 +0200, Daniel Stenberg wrote:
> On Wed, 14 Aug 2019, Mike Crowe wrote:
>
> > If this doesn't help point at the problem, please can you post the full
> > output from when you successfully ran:
> >
> > $ ./src/curl http://daniel:hello@www.haxx.se -x localhost:80 --trace-ascii -
> > -o /dev/null
>
> It seems to work?
>
> 0000: GET http://www.haxx.se/ HTTP/1.1
> 0022: Host: www.haxx.se
> 0035: Authorization: Basic ZGFuaWVsOmhlbGxv
> 005c: User-Agent: curl/7.66.0-DEV
> 0079: Accept: */*
> 0086: Proxy-Connection: Keep-Alive

That seems to be using basic authentication, so there's no 401 round trip
required to get the nonce. Please can you post the full output when using
digest authentication?

> Removing those lines you mentioned causes test failures, the first I saw
> being test 84.

I'm not surprised. They must have been put there for a reason. I was only
hoping that it might help to pinpoint what's going wrong.

> The credentials really shouldn't be in the request path that
> is sent to the proxy, the Authorization: header should be enough.

I can believe that's true. It's the lack of Authorization header in my log
that would appear to be the cause of the problem.

Mike.
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2019-08-15