Feature #19915
open
URI::HTTP.build accepts user: and password: keyboard arguments, but do not populate #user or #password
Description
I noticed that URI::HTTP.build accepts the user: and password: keyword arguments, but does not actually set the user or password attributes of the built URI object. It does however correctly accept a userinfo: keyword argument.
Steps To Reproduce¶
uri = URI::HTTP.build(user: 'bob', password: 'secret', host: 'example.com', path: '/foo')
uri.user
uri.password
uri.to_s
Expected Results¶
uri.user
# => "bob"
uri.password
# => "secret"
uri.to_s
# => "http://bob:secret@example.com/foo"
Actual Results¶
uri.user
# => nil
uri.password
# => nil
uri.to_s
# => "http://example.com/foo"
Updated by jeremyevans0 (Jeremy Evans) about 1 year ago
- Tracker changed from Bug to Feature
- ruby -v deleted (
ruby 3.2.2 (2023-03-30 revision e51014f9c0) [x86_64-linux]) - Backport deleted (
3.0: UNKNOWN, 3.1: UNKNOWN, 3.2: UNKNOWN)
URI::HTTP.build does not accept keyword arguments, it accepts an array/hash. If you pass keyword arguments, they get turned into a hash, similarly to any Ruby method that does not explicitly accept keyword arguments. The method only recognizes keys in ::URI::Generic::COMPONENT. The method documents what are the components it accepts:
Components are: scheme, userinfo, host, port, registry, path,
opaque, query, and fragment.
So this is not a bug. If you would like to change it to accept user and password, that would be a feature request.
Updated by postmodern (Hal Brodigan) about 1 year ago
I would expect either for unused options to raise an ArgumentError, or for user: and password: to be accepted and used. Since URI::HTTP.build is actually accepting a Hash 1, this makes it harder to validate the given Hash keys and raise an ArgumentError on unused keys.