Closed garrensmith closed 10 years ago
The problem here is not the @
. It's the #
denoting the beginning of the fragment. If you remove that, the parser will trip over %
because %^
is not a valid percent-encoding sequence.
The DOM URL will simply fail to parse:
new URL('https://scooby:doo bee doooo-oo!@#$%^&()-000@ten-eleven.com')
// SyntaxError: Failed to construct 'URL': Invalid URL
I've always tried to keep URI a best-guess parser, something that won't fail instead of inferring the meaning of a malformed character sequence… But looking at your example, a strict parsing might make more sense.
Ok cool. Thanks for the explanation.
Hi,
If I have a url like this:
https://scooby:doo bee doooo-oo!@#$%^&()-000@ten-eleven.com
Where the username isscooby
and the password isdoo bee doooo-oo!@#$%^&()-000
URL does not pass this password correctly and returns the password asdoo bee doooo-oo!
This password is ridiculous but people do put
@
in their passwords along with any of the other possible values in.Cheers Garren