Comment Re: Not exactly. See RFC 2396 (Score 3, Informative) 923
You wrote:
This has been updated. See RFC 2396, sec. 3.2.2
Note that the password portion is not recommended. From the same section:
Sage advice, I'd say.
BTW, The RFC Index Search Engine at rfc-editor.org returns links to obsoleted and updated RFCs. It's probably a good idea to check for updates prior to providing advice.
From RFC 1738, sec. 3.3:
An HTTP URL takes the form:andhttp://<host>:<port>/<path>?<searchpart& g t;
No user name or password is allowed.
This has been updated. See RFC 2396, sec. 3.2.2
URL schemes that involve the direct use of an IP-based protocol to a specified server on the Internet use a common syntax for the server component of the URI's scheme-specific data:
where may consist of a user name and, optionally, scheme-specific information about how to gain authorization to access the server. The parts "@" and ":" may be omitted.<userinfo>@<host>:<port>
Note that the password portion is not recommended. From the same section:
Some URL schemes use the format "user:password" in the userinfo field. This practice is NOT RECOMMENDED, because the passing of authentication information in clear text (such as URI) has proven to be a security risk in almost every case where it has been used.
Sage advice, I'd say.
BTW, The RFC Index Search Engine at rfc-editor.org returns links to obsoleted and updated RFCs. It's probably a good idea to check for updates prior to providing advice.
