Allow the parameters for the reload url to contain basic credentials
I have an use case where I want the reload url cannot be protected via ip filters. And noticing that the reload page state reload urls I decided to try using basic auth (with credentials embedded in the url). To my suprise this broke the reload completely, even when I did not had enabled at apache the verification of the basic auth params.
Looking at the code I notices that LemonLDAP currently uses its own url parsing.... which does not understand basic auth credentials. Here I append a proposal that:
- explicitly uses http when the location for reload does not look like an http url.
- Uses the URI::URL module to parse the url in case it looks like an http request and keeps the logic of using the host specified in the url for the virtual host entry and the host in the tuple as the connection target.
- If the url contains explicit basic auth info... adds these to the request.