Return-Path: 
 <apache-bugdb-return-842-apmail-apache-bugdb-archive=apache.org@apache.org>
Delivered-To: apmail-apache-bugdb-archive@apache.org
Received: (qmail 96658 invoked by uid 500); 3 May 2000 20:26:21 -0000
Mailing-List: contact apache-bugdb-help@apache.org; run by ezmlm
Precedence: bulk
X-No-Archive: yes
Reply-To: apache-bugdb@apache.org
list-help: <mailto:apache-bugdb-help@apache.org>
list-unsubscribe: <mailto:apache-bugdb-unsubscribe@apache.org>
list-post: <mailto:apache-bugdb@apache.org>
Delivered-To: mailing list apache-bugdb@apache.org
Received: (qmail 96645 invoked from network); 3 May 2000 20:26:20 -0000
Received: from gevjon.ttsg.com (ttsg@216.231.108.175)
  by locus.apache.org with SMTP; 3 May 2000 20:26:20 -0000
Received: (from ttsg@localhost)
	by gevjon.ttsg.com (8.9.0/8.9.0) id QAA13210;
	Wed, 3 May 2000 16:26:20 -0400 (EDT)
From: TTSG <ttsg@ttsg.com>
Message-Id: <200005032026.QAA13210@gevjon.ttsg.com>
Subject: Re: mod_log-any/5747: Does not log userid/pass if brought in on URL
 line
To: coar@apache.org
Date: Wed, 3 May 2000 16:26:20 -0400 (EDT)
Cc: apache-bugdb@apache.org, apache@ttsg.com
In-Reply-To: <20000503201321.90192.qmail@locus.apache.org> from
 "coar@apache.org" at May 3, 0 08:13:21 pm
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N

> 
> Synopsis: Does not log userid/pass if brought in on URL line
> 
> State-Changed-From-To: open-closed
> State-Changed-By: coar
> State-Changed-When: Wed May  3 13:13:21 PDT 2000
> State-Changed-Why:
> According to RFC 1738, section 3.3, usernames and passwords
> are NOT ALLOWED in http-schemed URLs.  So even if some
> browsers and servers support this, it is technically
> illegal and Apache is perfectly correct in ignoring
> the auth information passed thusly.
> 
> 
> 
	Ok, thank you.

		Tuc/TTSG