change the default of authenticateOnRedirect

WHATSNEW

@@ -1,6 +1,15 @@
 Changes from Ant 1.10.12 TO Ant 1.10.13
 =======================================
 
+Changes that could break older environments:
+-------------------------------------------
+
+* <get> has a new attribute authenticateOnRedirect that can be used to
+  prevent Ant from sending the configured credentials when following a
+  redirect. It is false by default, which means builds that rely on
+  credentials being used on the redirected URI may break.
+  Github Pull Request #173
+
 Other changes:
 --------------
 
@@ -16,11 +25,6 @@ Other changes:
 * <ftp> now supports FTPs.
   Github Pull Request #170
 
-* <get> has a new attribute authenticateOnRedirect that can be used to
-  prevent Ant from sending the configured credentials when following a
-  redirect. It is true by default for backwards compatibility reasons.
-  Github Pull Request #173
-
 Changes from Ant 1.10.11 TO Ant 1.10.12
 =======================================
 

manual/Tasks/get.html

@@ -95,7 +95,7 @@ <h3>Parameters</h3>
     <td>authenticateOnRedirect</td>
     <td>Whether the credentials should also be sent to the new location when a redirect is followed.<br/>
     <em>since Ant 1.10.13</em></td>
-    <td>No; default is <q>true</q></td>
+    <td>No; default is <q>false</q></td>
   </tr>
   <tr>
     <td>maxtime</td>

src/main/org/apache/tools/ant/taskdefs/Get.java

@@ -82,7 +82,7 @@ public class Get extends Task {
     private boolean ignoreErrors = false;
     private String uname = null;
     private String pword = null;
-    private boolean authenticateOnRedirect = true; // on by default for backward compatibility
+    private boolean authenticateOnRedirect = false;
     private long maxTime = 0;
     private int numberRetries = NUMBER_RETRIES;
     private boolean skipExisting = false;