>I need help with an HTAccess problem. I have bypassed HTAccess for a
>of my site by giving them a URL like this one:
WOW is this a bad idea.
This makes your users' name and password appear in the referer field
in the access_log (assuming you are using that style of log, it's
It also means that their passwords are in clear text on their screen,
and it means that when they bookmark that URL then any smuck can come
along later and use their machine (assuming it's a PC) to see the
What problem are you trying to solve with this "solution"? Perhaps we
can suggest a better way.
Quote:>This works great untill they use a CGI program. When it goes to a CGI
>program such as a search engine then back to the HTML pages it loses the
>username:password. Can anyone help me with an idea to fix the
Don't do this at all?
Why put the name+password in the URL at all?
XCOMM Kevin P. Neal, Junior, Comp. Sci. - House of Retrocomputing
XCOMM "Good grief, I've just noticed I've typed in a rant. Sorry chaps!"