[erlang-patches] problem with ":" in http passwords
Wed May 19 14:05:50 CEST 2010
>> I was trying to do something along the lines of
>> http:request("http://foo:bar:bee:firstname.lastname@example.org"), where, in theory,
>> 'foo' is the username, and the rest is a password, but that causes
>> problems - try it for yourself and see what sort of headers it
> Looking at RFC 1738:
> The user name (and password), if present, are followed by a commercial
> at-sign "@". Within the user and password field, any ":", "@", or "/"
> must be encoded.
> See: http://www.faqs.org/rfcs/rfc1738.html
> Maybe try:
Aha - I suspected as much, but I looked at the wrong RFC, I guess. A
quick experiment shows that the service I'm trying to talk with
(twitter's streaming API) does not like it if I encode the entire
password, but does accept encoded ':' characters (as per the RFC, I
suppose). It also accepts it unencoded. So the proper fix here will
encode :, @ and / and nothing else. It'll probably take me a bit to
get to that.
David N. Welton
More information about the erlang-patches