empty auth vs no auth -- same? #181
Comments
|
@stevenvachon the former sets the password to the empty string. Which means it serializes differently. What's the context for the question? |
|
Do all clients treat the above two URLs as the same, or do they use the empty username/password values? If they are the same, should they not serialize the same? Just as these two do: I'm writing a library that, among other things, provides a means of comparing URLs for relation. |
|
With the current public API of this standard, having no username and password is the same as having an empty username and password. url = new URL("http://domain.com/")
url.username==="" && url.password==="" //-> trueurl = new URL("http://:@domain.com/")
url.username==="" && url.password==="" //-> true |
|
Yeah, the API does not distinquish there. We could maybe also normalize the serialization, but that would require impl changes. |
Hmm, would it? Assuming
|
|
Thanks for checking. It does seem like the standard is bogus. |
It turns out that preserving the ability to serialize an empty string password is not something any implementation supports. Fixes #181.
It turns out that preserving the ability to serialize an empty string password is not something any implementation really supports. Tests: web-platform-tests/wpt#4405. Fixes #181.
and others
http://:@domain/(empty username and password)vs
http://domain/Are they the same?
The text was updated successfully, but these errors were encountered: