Drop support for embedded credentials in subresource requests. (removed)

We should block requests for subresources that contain embedded credentials (e.g. "http://ima_user:hunter2@example.com/yay.tiff"). Such resources would be handled as network errors.

Specification

No public standards discussion

Status in Chromium

Blink


Removed (launch bug) in:

  • Chrome for desktop release 59
  • Opera release 46
  • Opera for Android release 46

Consensus & Standardization

  • No public signals
  • No public signals
  • No public signals
  • No signals

Owners

Last updated on 2017-06-14