Is http://mydomain.com/me@mail.com safe to use as URL?

Question

I consider to setup a server to deal with URLs including email address such as

http://mydomain.com/me@mail.com

According to RFC 3986, I userstand @ is reserved on authority part = //mydomain.com/, but unreserved on path part /......., so currently I assume it's ok to use email address on pass.

Having said that, I still not sure if it is safe to use like http://mydomain.com/me@mail.com on production.

Please advise. Thanks.

Well, I'm not talking about email address itself, but URL 'including' email address. — , May 25 '12 at 23:34

score 0 · Accepted Answer · answered May 25 '12 at 23:40

0

It's fine—your interpretation of the RFC is correct, and there's no "risk" (in terms of browsers doing the wrong thing) for using an @ in the URI portion.

answered May 25 '12 at 23:40

Asherah

18,948
5
53
72

Is http://mydomain.com/me@mail.com safe to use as URL?

1 Answers1