Escaping username characters in basic auth URLs

basic-authenticationhttp

When using http basic authentication, the username can be passed in the URL, e.g.

http://david@foo.com/path/

But now suppose the username is an email address, e.g. david@company.com. Doing this is clearly ambiguous:

http://david@company.com@foo.com/path/

Is there a way to escape the @ character in the username? I tried standard URL encoding:

http://david%40company.com@foo.com/path/

But that didn't do it.

Best Solution

According to RFC 3986, section 3.2.1, it needs to be percent encoded:

  userinfo    = *( unreserved / pct-encoded / sub-delims / ":" )

So it looks like

http://david%40company.com@foo.com/path/

Is right. Where are you trying to read it? Maybe you need to manually decode the value?