Fossil: View Ticket

Ticket UUID:	c207d749a2ec7b0fda4c8a683eef0ec44c6efa0f
Title:	@ character not possible in password
Status:	Closed	Type:	Incident
Severity:	Minor	Priority:
Subsystem:		Resolution:	Works_As_Designed
Last Modified:	2008-11-28 20:51:07
Version Found In:
Description & Comments:
when authenticating with a remote repository (in the form http://user:password@url) there is no way to escape special chars in the password. Eliminating several punctuation symbols seems to limit the security of passwords. At the very least it would be good to document. kkinnell added on 2008-11-25 03:36:22: That's really more a problem with the htt protocol than a problem with fossil. Have you tried it as %40 ? No guarantee it'll work, but worth a try. (If you want all kinds of "fun" with webapps and passwords, try a password with '%' in it, and try getting it through a proxy, to boot. More "fun" than you ever wanted to have.) anonymous claiming to be Rockshox added on 2008-11-25 03:43:52: I would respectfully call it a problem with the url parser. http authentication is done base64 encoded in the header, you can use any character without a problem. The issue is pulling out which parts go in the header and which part is the url. I would suggest an optional -p and -u flag in lieu of user:password@ syntax kkinnell added on 2008-11-25 18:34:20: I must admit you are technically right about that (but I reserve the right to claim that http authentication could have been done much better ;) On the other hand, the work around for the problem is to use the `http://name@URL` form of specifying the remote repository. If you do it that way, fossil prompts you for a password.