Pull upstream fix for CVE-2016-5552
to replace our local change that is essentially equivalent logic.
The upstream fix additionally fixes a flaw which if there is more
than one @ in the authority portion, then user and host are set to null
(ignored as malformed).
(cherry picked from commit 2e3689a5019e781fb361cc67982926beaaa969c2)
(cherry picked from commit 7247f6a70e89efb4696aaaffaf7a0325604a6e06)
2 files changed