Fossil SCM

when authenticating with a remote repository (in the form http://user:password@url) there is no way to escape special chars in the password. Eliminating several punctuation symbols seems to limit the security of passwords. At the very least it would be good to document.

kkinnell added on 2008-11-25 03:36:22:
That's really more a problem with the htt protocol than a problem with fossil.

Have you tried it as %40 ? No guarantee it'll work, but worth a try.

(If you want all kinds of "fun" with webapps and passwords, try a password with '%' in it, and try getting it through a proxy, to boot. More "fun" than you ever wanted to have.)

anonymous claiming to be Rockshox added on 2008-11-25 03:43:52:
I would respectfully call it a problem with the url parser. http authentication is done base64 encoded in the header, you can use any character without a problem. The issue is pulling out which parts go in the header and which part is the url. I would suggest an optional -p and -u flag in lieu of user:password@ syntax

kkinnell added on 2008-11-25 18:34:20:
I must admit you are technically right about that (but I reserve the right to claim that http authentication could have been done much better ;)

On the other hand, the work around for the problem is to use the
   http://name@URL
form of specifying the remote repository.

If you do it that way, fossil prompts you for a password.