Remove passwords from URLs going out via an insecure channel.

qutebrowser/browser/commands.py

@@ -356,7 +356,8 @@ class CommandDispatcher:
         Args:
             sel: True to use primary selection, False to use clipboard
         """
-        urlstr = self._tabs.currentWidget().url().toString(QUrl.FullyEncoded)
+        urlstr = self._tabs.currentWidget().url().toString(
+            QUrl.FullyEncoded | QUrl.RemovePassword)
         if sel:
             mode = QClipboard.Selection
             target = "primary selection"
@@ -608,7 +609,8 @@ class CommandDispatcher:
         Args:
             cmd: The command to execute.
         """
-        urlstr = self._tabs.currentWidget().url().toString(QUrl.FullyEncoded)
+        urlstr = self._tabs.currentWidget().url().toString(
+            QUrl.FullyEncoded | QUrl.RemovePassword)
         cmd = cmd.replace('{}', shell_escape(urlstr))
         log.procs.debug("Executing: {}".format(cmd))
         subprocess.Popen(cmd, shell=True)
@@ -621,6 +623,8 @@ class CommandDispatcher:
     @cmdutils.register(instance='mainwindow.tabs.cmd')
     def run_userscript(self, cmd, *args):
         """Run an userscript given as argument."""
+        # We don't remove the password in the URL here, as it's probably safe
+        # to pass via env variable.
         urlstr = self._tabs.currentWidget().url().toString(QUrl.FullyEncoded)
         runner = UserscriptRunner(self._tabs)
         runner.got_cmd.connect(self._tabs.got_cmd)

qutebrowser/browser/hints.py

@@ -301,7 +301,7 @@ class HintManager(QObject):
         """
         sel = self._context.target == Target.yank_primary
         mode = QClipboard.Selection if sel else QClipboard.Clipboard
-        urlstr = url.toString(QUrl.FullyEncoded)
+        urlstr = url.toString(QUrl.FullyEncoded | QUrl.RemovePassword)
         QApplication.clipboard().setText(urlstr, mode)
         message.info("URL yanked to {}".format("primary selection" if sel
                                                else "clipboard"))