net/http: document that Basic Auth may require URL encoding Explicitly warn callers that no URL encoding is performed and that they might need to do it. Fixes #31577 Change-Id: I52dc3fd2798ba8c3652d4a967b1c5c48eb69f43b Reviewed-on: https://go-review.googlesource.com/c/go/+/173319 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

commit: 415da714fa2b7e96743e14fe0a33f02ae8c8dd5b [log] [tgz]
author: Benoit Sigoure <tsunanet@gmail.com> Mon Apr 22 14:35:01 2019 -0700
committer: Brad Fitzpatrick <bradfitz@golang.org> Mon Apr 22 22:54:41 2019 +0000
tree: 3dc58507a3aa957f2da090422b183c9831ae0770
parent: 1f0c102a57f62de6f66381c75732ba486da7b904 [diff]
diff --git a/src/net/http/request.go b/src/net/http/request.go
index da5ac2c..8afe1a7 100644
--- a/src/net/http/request.go
+++ b/src/net/http/request.go

@@ -912,6 +912,10 @@
 //
 // With HTTP Basic Authentication the provided username and password
 // are not encrypted.
+//
+// Some protocols may impose additional requirements on pre-escaping the
+// username and password. For instance, when used with OAuth2, both arguments
+// must be URL encoded first with url.QueryEscape.
 func (r *Request) SetBasicAuth(username, password string) {
 	r.Header.Set("Authorization", "Basic "+basicAuth(username, password))
 }
commit	415da714fa2b7e96743e14fe0a33f02ae8c8dd5b	[log] [tgz]
author	Benoit Sigoure <tsunanet@gmail.com>	Mon Apr 22 14:35:01 2019 -0700
committer	Brad Fitzpatrick <bradfitz@golang.org>	Mon Apr 22 22:54:41 2019 +0000
tree	3dc58507a3aa957f2da090422b183c9831ae0770
parent	1f0c102a57f62de6f66381c75732ba486da7b904 [diff]