I am testing an api that uses basic auth. I am trying to use the composer to hit the API. The existing suggestion is to build the authorization header by hand, but I would suggest that the URL field should be able to handle any URL that a browser or CURL can handle, and so I think it should be able to handle basic auth syntax in the URL, for example:
Currently it takes the user and password and separators and sends the whole thing to DNS ("myUser:p@firstname.lastname@example.org"). Even if it ignores the username and password (and why would you) it should parse them out before sending the hostname to DNS. I would be OK with it building the authorization header and removing it from the URL, but I would rather it handle that behind the scenes and leave the URL the way I pasted it in.