httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From George Gallen <>
Subject RE: [users@httpd] microsoft security patch
Date Thu, 05 Feb 2004 18:42:36 GMT
Will http://server/auth?user:pass  work for you?
it will go to server/auth, and ignore the user:pass
   but your cgi can still grab it by pulling the requested URL.


>-----Original Message-----
>From: Crawford, Cole []
>Sent: Thursday, February 05, 2004 12:09 PM
>Subject: [users@httpd] microsoft security patch
>As most of you know microsoft released a patch on the 2nd that 
>stopped strings like http://user:password@URL
>well..I use this functionality and now my reports aren't 
>working, their workarounds don't work for me
>I'm trying to pass in the username and password in apache so 
>IE doesn't die, but I also want to hide the string.
>Something like
>ProxyPass /auth/ http://user:pass@server/auth
>ProxyPassReverse /auth/ http://user:pass@server/auth
>is what I'm looking for but obviously that won't work.
>Thanks for any help,
>Learn more about Paymentech's payment processing services at
THIS MESSAGE IS CONFIDENTIAL.  This e-mail message and any attachments are
proprietary and confidential information intended only for the use of the
recipient(s) named above.  If you are not the intended recipient, you may
not print, distribute, or copy this message or any attachments.  If you have
received this communication in error, please notify the sender by return
e-mail and delete this message and any attachments from your computer.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message