Re: CGI/1.0: last call

Ari Luotonen (luotonen@ptsun00.cern.ch)
Sun, 5 Dec 93 13:40:08 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: ts: "Re: CGI/1.0: last call"
Previous message: ts: "CGI/1.0: last call"
Maybe in reply to: ts: "CGI/1.0: last call"
Next in thread: ts: "Re: CGI/1.0: last call"

> >> No, we found that the server had to parse some of the header anyway, and
> >> therefore did not make the header lines available to the script for
> >> implementation reasons. Is there something from the header you'd like to see
> >> that isn't in the spec?
> >
> > Yes, I want header line "authenticate" to have the password for the
> >username or an environemental variable with "username:password" uuencoded.
>
> Sorry, there is a bug ... it is header line "authorization" and not
> "authenticate".

No. Password should be kept inside the server for security reasons.
The environment variable REMOTE_USER is only defined if user has
successfully authenticated himself. This should be enough.

-- Cheers, Ari --

Next message: ts: "Re: CGI/1.0: last call"
Previous message: ts: "CGI/1.0: last call"
Maybe in reply to: ts: "CGI/1.0: last call"
Next in thread: ts: "Re: CGI/1.0: last call"