[thelist] Protection Tip - Security Issue
Henning
evolt at webmediaconception.com
Wed Jan 16 22:46:04 CST 2002
In response to a message [Bob Haroche] sent [11:04 16.01.02 -0800]:
>Here's syntax to create a link to bypass that box and go directly into the
>protected directory:
>
>http://username:password@http://www.domain.com/protected_folder.
I'm using this on one of my sites. I'm uncomfortable with the implied
security issue though since user name and password will be in plain view in
the address bar.
So far I've tried to solve this by opening the protected page in a new
window w/o any of the window bars.
Trouble is though: as long as the new page hasn't loaded completely the
accessed URL (and consequently the user name and password) is visible in
the upper window border where the document's title is being displayed later on.
Anybody have a better solution for this?
thx
Henning
More information about the thelist
mailing list