Unable to construct URL with user and password through Nette\Http\Url
- lutor
- Member | 27
Hi,
I have a situation where I have URL and I want to add username and password
to it (http://something.com
→ http://user:password@something.com). I looked to
\Nette\Http\Url, where in class doc comment is “visualisation” of parts of
URL – also with username and password.
So I thought, that I wil just create
new Nette\Http\Url($myUrlWithoutCredentials) and use
setUser() and setPassword() methods and then by
converting object to string I will get the same Url as original, but with
authetnication credentials.
But the result was same as original Url, because of this condition in \Nette\Http\Url on line 366 (third row in following code):
return $this->host === ''
? ''
: ($this->user !== '' && $this->scheme !== 'http' && $this->scheme !== 'https'
? rawurlencode($this->user) . ($this->password === '' ? '' : ':' . rawurlencode($this->password)) . '@'
: '')
// ...I do understand, that HTTP specification does not defines authentication via username:password (resp. it was marked as deprecated in RFC 3986), but what is confusing me is the doc comment in the Url class, that is is conflict with real implementation. Or is there any other (security?) reason why there is this mentioned condition, which does not allow to construct URLs with username and password?
Thanks.