Recipe 6.17 Accessing Credentials Embedded in URLs

Problem

You know people access your site using URLs with embedded credentials, such as http://user:password@host/, and you want to extract them from the URL for validation or other purposes.

Solution

None; this is a nonissue that is often misunderstood.

Discussion

For nonproxy requests, this doesn't even exist; the browser dissects the URL and turns it into the appropriate request header fields (i.e., WWW-Authenticate). For proxy requests, who knows?