Skip to content

url.resolve auth issue #1435

Closed
Closed
url.resolve auth issue#1435
Labels
confirmed-bugIssues with confirmed bugs.urlIssues and PRs related to the legacy built-in url module.
@stevenvachon

Description

@stevenvachon
stevenvachon
opened on Apr 16, 2015
require("url").resolve(
  "http://user:[email protected]:80/path/resource.html?query#hash",
  "http://fakeurl.com/path/resource.html?query#hash"
);

produces http://user:[email protected]/path/resource.html?query#hash

Node.js has been doing this for as long as I've been using it. How can it be correct to add auth information from one absolute url to another absolute url?

Metadata

Metadata

Assignees

No one assigned

    Labels

    confirmed-bugIssues with confirmed bugs.urlIssues and PRs related to the legacy built-in url module.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions