Drop support for embedded credentials in subresource requests. (removed)

We should block requests for subresources that contain embedded credentials (e.g. "http://ima_user:hunter2@example.com/yay.tiff"). Such resources would be handled as network errors.


No public standards discussion

Status in Chromium


Removed (tracking bug) in:

  • Chrome for desktop release 59

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No public signals
  • No public signals
  • No public signals
  • No signals


Last updated on 2017-06-14