--- Bill Stephenson <[EMAIL PROTECTED]> wrote:
> If a directory is password protected with .htaccess can you access it

> directly with a web browser by passing the user name and password in 
> the url string? Something like this?
> 
> http://www.mydomain.com/members/index.html?user=Moe&password=Howard
> 
> or do you always get the popup box?

You can usually bypass the popup with this:

  http://user:[EMAIL PROTECTED]/members/

However, I've that spoofing attacks have caused some user agents to not
forward the user/pass information when supplied in this format.  I
don't know if that's true.

In any event, when using .htaccess, I would strongly recommend using it
over a secure connection.

Cheers,
Ovid

-- 
If this message is a response to a question on a mailing list, please send
follow up questions to the list.

Web Programming with Perl -- http://users.easystreet.com/ovid/cgi_course/

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>


Reply via email to