i understand the problems mentioned at rfc3986 with respect to  
applications that need to display an uri.

i need to fetch data with open-uri on base of a config file storing  
that uri. (no need to display the uri again). Furthermore i would add  
this feature as i was 'very surprised' ;) that this is not working.  
And last but not least this will (imho) not open security holes. (URI 
() operates with userinfo too...)

Paul

PS: my first post on this list - so thank you very mutch for ruby -  
after years of perl, php, c, c++ and java i have the feeling that i  
finally arrived...

> |open-uri('http://user:pass / www.host.de/') does not work as expected.
>
> According to RFC3986, supporting userinfo in URI is dangerous, so that
> open-uri will not support it.