cli icon indicating copy to clipboard operation
cli copied to clipboard
verified publisher icon httpie

Fix #1623: Decode percent-encoded credentials in URL

Open ns-fboucault opened this issue 3 months ago • 0 comments

Description

Fixes #1623

HTTPie now properly decodes percent-encoded characters in the username and password when they are provided in the URL's userinfo section.

This allows credentials containing special characters like @, =, and ? to be specified directly in URLs by percent-encoding them, matching the behavior of other HTTP clients like curl.

Changes

  • Modified httpie/cli/argparser.py to use urllib.parse.unquote() to decode username and password from URLs
  • Added test test_percent_encoded_credentials_in_url() to verify the fix

Example

This now works correctly:

http https://u%40d:1%3d2%[email protected]/basic-auth/u%40d/1%3d2%3f

Where u%40d decodes to u@d and 1%3d2%3f decodes to 1=2?

Testing

  • ✅ All existing auth tests pass (31 tests)
  • ✅ New test covers the reported issue
  • ✅ Manually verified with httpbin.org
  • ✅ Backward compatible (non-encoded credentials still work)

Checklist

  • [x] Tests added/updated
  • [x] All tests passing
  • [x] No breaking changes
  • [x] Follows existing code style

ns-fboucault avatar Oct 17 '25 08:10 ns-fboucault