Hi, I’m working on a cli which will take input for username from user and generate Caddyfile with basic_auth setup. I just wanted to know that what are the invalid characters for username in basic_auth so that I can validate it before generating Caddyfile. Thankyou!
There’s not really anything that’s invalid. Possibly only : because it’s used as a delimiter between the username and password in the Authorization header. But that’s probably it.
1 Like
Thankyou
I would suggest avoiding any of the following characters in username or password used in HTTP Basic auth:
@ # : /
@ separates userinfo from host
: separates login from password in userinfo
/ separates host from path
# is just a character you in general want to avoid in CLI
More info: URL
2 Likes