Closed sunkan closed 1 year ago
Did you try other implementations of PSR-7? AFAIK, they all encode the \
, and this matches https://www.rfc-editor.org/rfc/rfc3986#appendix-A
I feel like the correct course of action is to pass rawurldecode($request->getUserInfo())
to curl here.
I've tried laminas and realized it didn't work but it has worked fine with the library.
So your solution is for me to go and modify buzz?
It's a bit annoying that with this change there is no popular psr-7 implementation that can be used to talk to Microsoft's stuff.
Buzz is clearly relying on an unspecified behavior yes... My reco is to replace buzz by Symfony HttpClient at this stage. And to fix Buzz indeed!
(you can pin nyholm/psr7 to ~1.15.0
if you want also, but then you know you'll have some technical debt to fix at some point)
Please link back if you do anything on another repo!
My reason for using this library was because it was following the psr and that says nothing about escaping the username and password.
And the psr say that the UriInterface
Is a Value object so in my eyes it shouldn't deal with escaping since as this prove the escaping is domain specific.
What you say is that ofc it should escape it and if I want to use it in any other way I need to know how it's been escaped and revers it instead of getting what I passed in. I feel like that's the definition of insanity.
I'm sorry for the confusion. You might want to check https://github.com/php-fig/fig-standards/pull/1298 as a follow up.
The previous behavior wasn't correct either, as shown when doing $uri->withUserInfo('a#b')
, which produces a broken URI string.
I figured out a more seamless way to produce non-broken URLs, see #221
Thank you for improving and fixing this
The change in #213 breaks ntml based authentication when specifying a domain.
When using ntml auth it's common to have a domain that is part of the username like this
The slash is not suppose to be escaped and if it's the authentication fails