AbydosGater Posted June 21, 2007 Share Posted June 21, 2007 Hey Guys, This is probs the wrong place to ask this but it seams to suit the question best. I have tried using a sniffer but i cant find them, Does anyone know the headers that are sent to a server for a HTTP Auth (.htaccess login)? As in if i fill in the popup with username and pass and click login.. What headers does the browser send to the server? Thanks Link to comment https://forums.phpfreaks.com/topic/56536-htaccess-auth-headers/ Share on other sites More sharing options...
AbydosGater Posted June 21, 2007 Author Share Posted June 21, 2007 Ok, Im replying to this as i dont have a modify button anymore.. I have found a section on the HTTP that says: user-pass = userid ":" password userid = *<TEXT excluding ":"> password = *TEXT Userids might be case sensitive. If the user agent wishes to send the userid "Aladdin" and password "open sesame", it would use the following header field: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== I found that http://www.ietf.org/rfc/rfc2617.txt <-- Here under [Page 5].. So if i read that correct.. to login you have to send the header: Authorization: Basic **Encrypted Details Here** And the encrypted details should be user:password.. If i am correct.. what method is used to encrypted the details? Andy Link to comment https://forums.phpfreaks.com/topic/56536-htaccess-auth-headers/#findComment-279422 Share on other sites More sharing options...
steviewdr Posted June 22, 2007 Share Posted June 22, 2007 This might be a suitable article for you to read: http://www.sitepoint.com/article/http-authentication-php As for "Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" Im not sure. I havnt seen the user name MD5'd for htaccess. The application htpasswd generates password hashes for apache. -steve Link to comment https://forums.phpfreaks.com/topic/56536-htaccess-auth-headers/#findComment-280458 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.