On Wed, Nov 16, 2016 at 10:05:53AM +0000, David Woolley wrote:
> user = 1*( unreserved / escaped / user-unreserved )
> user-unreserved = "&" / "=" / "+" / "$" / "," / ";" / "?" / "/"
That seems to be a quote from RFC 3261? The relevant RFC here is 3986:
userinfo = *( unreserved / pct-encoded / sub-delims / ":" )
sub-delims = "!" / "$" / "&" / "'" / "(" / ")"
/ "*" / "+" / "," / ";" / "="
I have a few observations about the current Lynx patches, though.
1. From a user's perspective, I'm not sure I understand the difference
between the messages "User/password may appear to be a hostname" and
"User/password may be confused with hostname".
2. It currently seems to be impossible to trigger the message "User/password
contains only punctuation".
3. According to RFC 3986, it's permissible to have an empty password.
However, lynx http://username:@www.debian.org/ says this:
Looking up username:@www.debian.org
Alert!: Address has invalid port
Unable to locate remote host username:@www.debian.org.
4. If I do something stupid like this: lynx http://[email protected]/
then Lynx tries to look up an empty hostname. This might not be
considered a bug in the scheme of things; however, if I do
http://[email protected]/ then it successfully goes
to google.com and really it should have reported that as an error.
imc
_______________________________________________
Lynx-dev mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/lynx-dev
