3.2.2. Server-based Naming Authority

URL schemes that involve the direct use of an IP-based protocol to
a specified server on the Internet use a common syntax for the
server component of the URI's scheme-specific data:

      <userinfo>@<host>:<port>

 where <userinfo> may consist of a user name and, optionally, scheme
 specific information about how to gain authorization to access the
 server.  The parts "<userinfo>@" and ":<port>" may be omitted.

      server        = [ [ userinfo "@" ] hostport ]

 The user information, if present, is followed by a commercial
 at-sign "@".

    userinfo      = *( unreserved | escaped |
                 ";" | ":" | "&" | "=" | "+" | "$" | "," )

 Some URL schemes use the format "user:password" in the userinfo
 field. This practice is NOT RECOMMENDED, because the passing of
 authentication information in clear text (such as URI) has proven
 to be a security risk in almost every case where it has been 
 used.