httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Dessent <br...@dessent.net>
Subject Re: [users@httpd] dealing with IE's block on URLs with password/username
Date Mon, 16 Feb 2004 15:42:02 GMT
Alex Moon wrote:

> Microsoft has released a security patch for IE that blocks the use
> of this syle of address:-
> 
> http://fredsmith:password@website.com
> 
> For various reasons I have used this as a means of giving access
> to  non critical websites that are normally IP protected via an
> external website that requires a login.  This website has links
> containing a generic password  that means the user  does not
> need to type in or even know a password to access the ip
> restricted websites.
> 
> Does anyone have any suggestion on how i can still block IP but
> allow users from a particlar web site access.    Any ideas would be
> gratefully recieved.

If Microsoft decides to disable a feature that you depend on, then your
options really boil down to "use something else" or "disable that
change", as far as I can tell.  For the former I suggest Mozilla or
Firefox, for the latter I suggest you read KB834489 for details of how
to re-enable the old behavior of IE:
<http://support.microsoft.com/default.aspx?scid=kb;en-us;834489>

If you're looking for some third option that involves no change on the
client end, then you're going to have to abandon using usernames in the
URL.  You might be able to get the equivalent functionality with a
script of some sort that receives the credentials in the query string,
and performs the authentication in some other way.

Brian

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message