You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It seems to me that there are more than a few places where we strip username and password from a URL, then pass it to the URL serializer with the exclude fragment flag set. Perhaps we could simplify this by adding an exclude credentials flag as well?
I think this isn't a thing anyone is working on, and it's not enough of a concern to make it anything like a priority. Let's close it out, and think about it again if we add another spot that strips credentials.
It seems to me that there are more than a few places where we strip username and password from a URL, then pass it to the URL serializer with the
exclude fragment
flag set. Perhaps we could simplify this by adding anexclude credentials
flag as well?Is that a patch you'd accept, @annevk?
The text was updated successfully, but these errors were encountered: