ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: HTTP Authentication with XML-RPC Client / usage?
Date Tue, 31 Jan 2006 13:14:25 GMT
thanks! yeah its userid:passwd@host , i was just replying.

so basically what u mean is .... an xmlrpc server (say php) running over 
the braindead MS IIS ;) behind http auth, should run just fine with this 
method? ... hmm... i'l check this myself too. thanks a lot!

Tino Wildenhain wrote:
> schrieb:
>> Using the way --- http:userid@password --- wont be cross platform I 
>> suppose (its classified as a security flaw) All new browsers and XP 
>> with SP2 has been patched NOT to allow usage this way.
> Actually its http://username:password@host/path/
> And its not a security flaw per se if not used in a buggy and brain
> dead application like M$-internetexplorer :-)
> Useragents are supposed to not send these strings literally over
> the net - or in case of a webbbrowser dont construct relative
> URLs from it or expose it to Javascript DOM.
> XMLRPC does not use sublinks or relative paths so this is no
> issue at all.
> Kind regards
> Tino


Rahul Joshi
Data Armor

View raw message