Reply to Re: Authentication, https and security. — PHP Programming Language

Posted by Peter Chant on 08/18/05 10:05

Alvaro G Vicario wrote:

> *** Peter Chant wrote/escribió (Tue, 16 Aug 2005 19:52:27 +0100):
>> Are the username and password in the login box that comes up encrypted?
>
> Try the Live HTTP Headers extension for Mozilla/Firefox. You'll see that
> user and password are sent as plain text within headers on every page
> request. Which, BTW, is the case of most authentication systems.
>

Even when using https?

> Make sure all page contents are encrypted. To all effects,
> https://www.example.com/ and http://www.example.com/submit.png belong to
> different web sites.

Yes, but I used https://www.example.com:4430 as I was running the server on
port 4430 and I still got the password dialog box when I tried
http://www.example.com:4430 leading me to think that in both cases
authentication was not password protected.

Pete

--
http://www.petezilla.co.uk

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация