I've protected a directory with an .htaccess file.
I'd like some of the files in this directory to be accessible by a scheduler
that runs an "URL". The problem is that the scheduler runs scripts in this
directory, so the server asks a username and password. How to avoid this ???
Should I set the .htaccess file to allow GET, but how ??? and what would be
the URL ???
directory tree:
admin
.htaccess
admin.htm //frame
adminmnu.htm //menu in frame
script1.php
script2.php
script3.php
I'd like to run the script from home with a scheduler like: http://www.mysite.com/admin/script2....password=pass;
username and password being the ones asked in the .htaccess file.
How to do so ?
Bob 13 2549
Bob Bedford <be******@YouKn owWhatToDoHereh otmail.com> wrote: I've protected a directory with an .htaccess file.
I'd like some of the files in this directory to be accessible by a scheduler that runs an "URL". The problem is that the scheduler runs scripts in this directory, so the server asks a username and password. How to avoid this ??? Should I set the .htaccess file to allow GET, but how ??? and what would be the URL ???
directory tree:
admin .htaccess admin.htm //frame adminmnu.htm //menu in frame script1.php script2.php script3.php
I'd like to run the script from home with a scheduler like: http://www.mysite.com/admin/script2....password=pass; username and password being the ones asked in the .htaccess file.
How to do so ?
Bob
Theoretically: http://htuser:ht****@www.mysite.com/...&password=pass
Might work - or not... depends on the browser.
--
Simon Stienen <http://dangerouscat.ne t> <http://slashlife.de>
»What you do in this world is a matter of no consequence,
The question is, what can you make people believe that you have done.«
-- Sherlock Holmes in "A Study in Scarlet" by Sir Arthur Conan Doyle
*** Bob Bedford wrote/escribió (Fri, 24 Sep 2004 17:32:51 +0200): I've protected a directory with an .htaccess file.
I'd like to run the script from home with a scheduler like: http://www.mysite.com/admin/script2....password=pass; username and password being the ones asked in the .htaccess file.
You can't pass auth data this way if you are using Apache mod_auth; the
data must go in the request headers. I can think of two options:
* Use another auth system to protect the site
* Change your scheduled script so it can provide HTTP auth data
I normally use the latter option but of course it depends on what your
script looks like.
--
-- Álvaro G. Vicario - Burgos, Spain
-- Thank you for not e-mailing me your questions
--
Bob Bedford <be******@YouKn owWhatToDoHereh otmail.com> wrote: Theoretically: http://htuser:ht****@www.mysite.com/...&password=pass Might work - or not... depends on the browser.
Already tried, seems not to work with IE6.... thanks anyway
Cheers
Yep. Exactly _there_ MS killed the support for this syntax "for security
reasons"...
--
Simon Stienen <http://dangerouscat.ne t> <http://slashlife.de>
»What you do in this world is a matter of no consequence,
The question is, what can you make people believe that you have done.«
-- Sherlock Holmes in "A Study in Scarlet" by Sir Arthur Conan Doyle
.oO(Simon Stienen) Bob Bedford <be******@YouKn owWhatToDoHereh otmail.com> wrote: Theoretically: http://htuser:ht****@www.mysite.com/...&password=pass Might work - or not... depends on the browser.
Already tried, seems not to work with IE6.... thanks anyway
Cheers
Yep. Exactly _there_ MS killed the support for this syntax "for security reasons"...
The explanation might be questionable, but after all the decision was
correct. Username and password are not allowed in HTTP URLs by RFC 1783:
| An HTTP URL takes the form:
|
| http://<host>:<port>/<path>?<searchp art>
|
| where <host> and <port> are as described in Section 3.1. If :<port>
| is omitted, the port defaults to 80. No user name or password is
| allowed. ^^^^^^^^^^^^^^^ ^^^^^^^^^^^^
| ^^^^^^^^
<http://www.freesoft.or g/CIE/RFC/1738/14.htm>
It is allowed for other schemes like FTP.
Micha
.oO(Simon Stienen) Bob Bedford <be******@YouKn owWhatToDoHereh otmail.com> wrote: Theoretically: http://htuser:ht****@www.mysite.com/...&password=pass Might work - or not... depends on the browser.
Already tried, seems not to work with IE6.... thanks anyway
Cheers
Yep. Exactly _there_ MS killed the support for this syntax "for security reasons"...
The explanation might be questionable, but after all the decision was
correct. Username and password are not allowed in HTTP URLs by RFC 1738:
| An HTTP URL takes the form:
|
| http://<host>:<port>/<path>?<searchp art>
|
| where <host> and <port> are as described in Section 3.1. If :<port>
| is omitted, the port defaults to 80. No user name or password is
| allowed. ^^^^^^^^^^^^^^^ ^^^^^^^^^^^^
| ^^^^^^^^
<http://www.freesoft.or g/CIE/RFC/1738/14.htm>
It is allowed for other schemes like FTP.
Micha
Michael Fesser <ne*****@gmx.ne t> wrote: .oO(Simon Stienen)
Bob Bedford <be******@YouKn owWhatToDoHereh otmail.com> wrote: Theoretically:
http://htuser:ht****@www.mysite.com/...&password=pass
Might work - or not... depends on the browser.
Already tried, seems not to work with IE6.... thanks anyway
Cheers
Yep. Exactly _there_ MS killed the support for this syntax "for security reasons"...
The explanation might be questionable, but after all the decision was correct. Username and password are not allowed in HTTP URLs by RFC 1738:
| An HTTP URL takes the form: | | http://<host>:<port>/<path>?<searchp art> | | where <host> and <port> are as described in Section 3.1. If :<port> | is omitted, the port defaults to 80. No user name or password is | allowed. ^^^^^^^^^^^^^^^ ^^^^^^^^^^^^ | ^^^^^^^^
<http://www.freesoft.or g/CIE/RFC/1738/14.htm>
It is allowed for other schemes like FTP.
Micha
Ok, but this RFC is dated 1994, I guess it will be updated soon, since
afaik http://user:pass@host/ is inplemented in every important browser and
webspace providers advertise with the so-called "@-domains".
--
Simon Stienen <http://dangerouscat.ne t> <http://slashlife.de>
»What you do in this world is a matter of no consequence,
The question is, what can you make people believe that you have done.«
-- Sherlock Holmes in "A Study in Scarlet" by Sir Arthur Conan Doyle
On Fri, 24 Sep 2004 23:29:39 +0200, Simon Stienen
<si***********@ news.slashlife. de> wrote: Ok, but this RFC is dated 1994, I guess it will be updated soon,
No, not likely.
--
Andy Hassall / <an**@andyh.co. uk> / <http://www.andyh.co.uk >
<http://www.andyhsoftwa re.co.uk/space> Space: disk usage analysis tool
"Bob Bedford" <be******@YouKn owWhatToDoHereh otmail.com> wrote in message
news:41******** *************** @news.sunrise.c h... I've protected a directory with an .htaccess file.
I'd like some of the files in this directory to be accessible by a
scheduler that runs an "URL". The problem is that the scheduler runs scripts in this directory, so the server asks a username and password. How to avoid this
??? Should I set the .htaccess file to allow GET, but how ??? and what would
be the URL ???
What exactly is this scheduler? This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: yawnmoth |
last post by:
i'm trying to write a php script that will password protect some
random directory by creating a .htaccess file, and a password file to
accompany the .htaccess file, and it isn't working... specifically, i
can't enter the newly created directory with a username of test, and a
password of test, which is what i am trying to do.
also, i'm testing this script out on a remote server, and... after
this script runs, i can't delete any of the...
|
by: Joshua Beall |
last post by:
Hi All,
How do I disable magic quotes via .htaccess?
I put the following file in my webroot, but it does not disable
magic_quotes_gpc (according to phpinfo(), both the local and master value
are still "on")
<IfModule mod_php4.c>
php_value upload_max_filesize 8M
|
by: Ivo |
last post by:
Greetings newsgroup,
I am moving some php scripts to a new host. While getting to know the
server, I ran into a strange problem.
If I add a .htaccess file, or more specifically: a .htaccess with
content, to a folder, requesting (html and php) files from that folder
results in internal server error messages.
If I upload an empty .htaccess file, all is fine. Then phpinfo() tells
me I am using Apache/1.3.27.
|
by: John |
last post by:
Hello.
I want to get this blasted .htaccess file sorted out, so I can have
sessions without register_globals being on.
I have looked everywhere for info on this and I mean everywhere
including the php.net manual.
In the manual it said to include something like the following:
|
by: Stoco |
last post by:
I am trying to create a generic interface that will manage various
..htaccess protected directories. In the ideal world, the .htaccess
would trigger a cgi script that would take login information and store
it to a file, or block access all together.
For example,
anytime someone logs in, the .htaccess file should direct the user
name and IP address to be stored in a log file through this cgi. A
cron could be scheduled to determine if the...
| |
by: Bill |
last post by:
Does ASP have a file whose function is similar to .htaccess on Apache? I'm
looking to protect subdirectory content.
|
by: Jack Hambabo |
last post by:
Hi,
I'm searching for a php script that can find out whether the current
user (I know _SERVER will give me the name for
non-cgi php) has the right to view a specific file.
My dream is that I just need a short php script that just asks the
webserver what the rights are. That seems a reasonable wish to me.
If this is however not possible than I'd like a script that can
|
by: nickyeng |
last post by:
I have checked this info from apache website, and i confused with it.
Procteing System files
it said:
To run a really tight ship, you'll want to stop users from setting up .htaccess files which can override security features you've configured. Here's one way to do it.
In the server configuration file, put
|
by: asherwolf |
last post by:
Hi,
I'm trying to do something I think is pretty neat, but I've just about pulled my hair out by the behavior of my server. I'm hosting on GoDaddy, using a subdomain (www.mywebpage.com maps to /mywebpage), running Apache 1.3.33, and PHP 4.3.11. The goal is to use PHP to install an .htaccess file in a folder to forbid PHP files from being accessed from outside the server.
I have a working .htaccess file in one folder, and I have been...
|
by: jaanus |
last post by:
Here we go...
What I have been trying to do is to forward all http requests containing /cms/ to http://cms.mydomain.com/
example1: http://host1.mydomain.com/cms/init.php would be parsed from http://cms.mydomain.com/init.php (via ajax request)
example2: <script src="http://host1.mydomain.com/cms/example.js" in <html><head> would be parsed from http://cms.mydomain.com/example.js
physically there are no cms directories in...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| |
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |