So yeah, um, this is not okay. It is not discoverable and could easily leak sensitive information. Auth credentials even, seriously? Also Chrome does this too. And it is preserved across `mv` to another filesystem.https://twitter.com/gynvael/status/1077671412847046657 …
-
-
Ah, did you just type the url in? It might still work like that. It was intentionally disabled for subresource requests in Chrome 59, and stopped working for opening Chrome from CLI around the same time. Makes it kinda useless for scripting.
-
I also tested it from the command line, and from <a> links on another origin. It works.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
$ getfattr -d -m - test
user.xdg.origin.url="https://user:passwd@gynvael.coldwind.pl/"