username:password in URL - how to handle this?
I found in Assembla's webhook tool the possibility to integrate with Twitter. To do this, Assembla uses a URL like this:
http://username:password@twitter.com/statuses/update.xml
How does Twitter handle that kind of URL? Is this some standard? Does it require some special logic to perform login when someone POSTs data to a URL with username:password? How can it be done in some web frameworks like RoR or Django?
Is this type of passing authentication data secure? (looks like not but maybe I'm missing something)
It's called Basic Authentication, supported by all the major browsers. It's also very insecure using HTTP. Here is a link to a Django implementation that adds Basic Auth to its security authentication chain. link
EDIT: Basic Auth is considered secure when using HTTPS but has other issues; it is the lowest common denominator when it comes to authentication but not ideal in a lot of situations.
Should be parsed as basic HTTP authentication.
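The handling the answers describe, as an added example that is not part of the original posts or of any framework's own code: the client turns the `username:password@` part of the URL into an `Authorization: Basic` header, and the server decodes it and accepts it only over TLS. The function names, the `is_tls` flag and the sample URL are assumptions made for illustration.

```python
import base64
import binascii
import hmac
from urllib.parse import urlsplit, unquote

# Constructed sample URL (hypothetical host and credentials).
SAMPLE_URL = "http://alice:s3cret%21@example.test/statuses/update.xml"

def client_request(url):
    """Client side: userinfo is removed from the request target and sent
    as an Authorization: Basic header (RFC 7617)."""
    parts = urlsplit(url)
    headers = {"Host": parts.hostname}
    if parts.username is not None:
        user = unquote(parts.username)
        password = unquote(parts.password or "")
        token = base64.b64encode(f"{user}:{password}".encode("utf-8"))
        headers["Authorization"] = "Basic " + token.decode("ascii")
    return parts.path or "/", headers

def parse_basic_auth(header_value):
    """Server side: return (user, password), or None if malformed.
    Base64 is an encoding, not encryption: anyone who sees the header
    can do exactly this."""
    scheme, _, token = (header_value or "").partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")  # password may contain ':'
    return (user, password) if sep else None

def authenticate(header_value, is_tls, expected_user, expected_password):
    """Accept only well-formed credentials that arrived over TLS."""
    creds = parse_basic_auth(header_value)
    if creds is None or not is_tls:
        return False
    # Constant-time comparison avoids leaking how many bytes matched.
    user_ok = hmac.compare_digest(creds[0].encode(), expected_user.encode())
    pass_ok = hmac.compare_digest(creds[1].encode(), expected_password.encode())
    return user_ok and pass_ok

if __name__ == "__main__":
    path, headers = client_request(SAMPLE_URL)
    print(path, headers)
    print(parse_basic_auth(headers["Authorization"]))
```

A real application would compare against a stored password hash rather than a plaintext expected password; the plaintext comparison here keeps the example focused on the header handling.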