160

To send username and password with a URL, we use this scheme:

http://username:password@www.my_site.com

But my username is my_email@gmail.com.
The problem is the @.

How can I solve it?

Matas Vaitkevicius
  • 58,075
  • 31
  • 238
  • 265
Rodrigo
  • 11,909
  • 23
  • 68
  • 101
  • 10
    encode the `@` as `%40`. – Marc B Apr 07 '12 at 01:17
  • 6
    You don't want to include a password in your URL's, because then you might accidentally try to access the URL via HTTP (which you are doing), and this means that anyone with Wireshark within 50 meters of you has your password and username. – HoldOffHunger Jun 15 '17 at 12:56
  • The problem with using URL encoding in the username is that the HTTP client has to decode it before sending the username to the server. And though browsers seem to do that just fine, a lot of HTTP clients don't (and thus are broken). I can't believe how much of a mess it is considering it's 2021 – Pawel Veselov Apr 18 '21 at 22:19

3 Answers3

236

You need to URL encode the @ as %40.

Joe
  • 6,401
  • 3
  • 28
  • 32
  • 2
    Nice. This also works if your password contains an `@` too, which is increasingly likely with random passwords created by password managers. – Adambean Nov 04 '18 at 23:19
  • do I have to do this with all characters different than alphanumeric? for example, if my username is `name.lastname@mail.com` and my password `abc!@#`, should I use `name%2Elastname%40mail%2Ecom` and `abc%21%40%23`? – m4l490n Jan 08 '20 at 17:58
26

Just do:

 http://my_email%40gmail.com:password@www.my_site.com

I am quite surprised that problem was with username @ and not the password -usually this is where I get reserved characters in url authority or path parts.

To solve general case of special characters: Just open chrome console with F12 then paste encodeURIComponent(str) where str is your password (or username) and then use the encoded result to form url with password.

Or just run the below snippet and dump it here.

Put Url here
<br/>
<input type='text' id='urlEncodeField' style="width:250px" value='my_email@gmail.com' />
<input type='button' value='Click' onClick="console.log(encodeURIComponent(document.getElementById('urlEncodeField').value))" />

Hope this saves you some time.

Matas Vaitkevicius
  • 58,075
  • 31
  • 238
  • 265
21

Use %40 in your username instead of the @ symbol for the url encoding. It should pass it properly then.

inevio
  • 837
  • 6
  • 12