You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2002/09/19 16:41:22 UTC
DO NOT REPLY [Bug 12814] -
login through URL
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12814>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12814
login through URL
slive@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From slive@apache.org 2002-09-19 14:41 -------
Apache never sees stuff before the @ in the URL. Rather, the browser
takes this stuff, BASE64 encodes it, and sends it in the Authorization
HTTP request header.
Therefore, the problem you are having is entirely with the browser,
not the server. The server is only responsible for removing the BASE64
encoding, not for URL-decoding or any such thing. See RFC2617.
In general, I wouldn't expect sending the userid/password in the URL
to be a very reliable technique across browsers.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org