Issue #10652 has been updated by Akira Tanaka.

Assignee changed from Akira Tanaka to Ayumu AIZAWA
Priority changed from Low to Normal

ayumin committed the patch at r49118.

However, I think there should be security consideration.

Storing secret information in environment variables is not a trivially safe behavior.

For example, I read two articles recently:

- http://movingfast.io/articles/environment-variables-considered-harmful/
- http://blog.kazuhooku.com/2014/06/unixos.html (in Japanese)

----------------------------------------
Feature #10652: Automatic detection of user and password from env
https://bugs.ruby-lang.org/issues/10652#change-50764

* Author: Rafael Silva
* Status: Assigned
* Priority: Normal
* Assignee: Ayumu AIZAWA
* Category: lib
* Target version: Next Major
----------------------------------------
Get user and pass from http_proxy variable when specified, so that NET::HTTP can handle connections behind authenticated proxies automatically.

I'm new, so please correct me if this isn't the correct way to go.

Also, I've open a PR on github at [[https://github.com/ruby/ruby/pull/763]]

---Files--------------------------------
f17b3008197b81b8afaefb7de2ed43187620a1dc.patch.txt (1.07 KB)


-- 
https://bugs.ruby-lang.org/