On Wed, Dec 21, 2005 at 11:26:00AM +0100, Oleg Kalnichevski wrote: > On Wed, Dec 21, 2005 at 11:23:58AM +0100, Roland Weber wrote: > > Hi Oleg, > > > > > I always thought the URI class was meant to represent an abstract URI. > > > > I'm not arguing against keeping uid/pwd in the URI objects. > > > > > Besides, in my opinion if the uid/pwd are given in a URI, they should be > > > preserved by HttpMethod classes even if they are not applicable for a > > > particular scheme/protocol > > > > I don't think that uid/pwd should be included in the request needlessly. > > I thought they were intentionally removed at some point in time for the > > sake of improved security, but I might as well be wrong here. It is hard > > to remember the different occasions on which I had discussion about URLs > > containing passwords. > > > > I'll check the commit history > > Oleg
I am unable to find anything in the commit history suggesting that this functionality was removed for security reasons Oleg > > > > > cheers, > > Roland > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
