With Apache's basic authorization framework, it's possible to pass the username and password directly on the URL as:
My questions is, is it possible to encode (base64 or sha1, or md5, whatever) the password (or both username and password) in the URL?
I've tried the various combinations listed [here on apache.org] but they all seem to be valid when used as a header (like header("Authorization",...)).
For example, had this worked, the above url would be something like (taking SHA1 as an example):
But this of course isn't working.
: https://httpd.apache.org/docs/2.2/misc/password_encryptions.html This does not work. You have some general missconception about how encryption actually works and how it is to be applied. You should start reading about that stuff first, I am afraid.
以上就是Apache Basic Auth with encoded password directly on URL的详细内容，更多请关注web前端其它相关文章！