-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Doruk Fisek wrote: > Thu, 17 Jul 2008 15:07:18 -0700, Micah Cowan <[EMAIL PROTECTED]> : > >> Then, please provide the logs from both wget 1.10.2 and wget 1.11.4 >> (with --auth-no-challenge), with the --debug flag. > I attached the logs you requested.
It looks like --auth-no-challenge works when --user/--password or - --http-user/--http-password is used; but not when the user/pass information is passed directly via the URL. You can use - --auth-no-challenge together with either of those option pairs as a work-around. - --auth-no-challenge was intended to make wget 1.11.x behave like 1.10.2 with regard to authentication (that is, broken and insecure). It's generally a bad idea to send authentication credits before the server tells Wget what sort of authentication scheme should be used (it may offer more secure alternatives to the "basic" mechanism). However, in situations where the server uses forms-based authentication for interactive communication, some servers accept authentication if offered, but will not issue the challenge if it's not, instead expecting users to authenticate through the forms; situations like that are why - --auth-no-challenge was introduced. I'll file a report for this issue; but if this is the only thing that crops up, I probably won't roll a new 1.11.x maintenance release just for that, so it'll have to wait until 1.12. - -- Micah J. Cowan Programmer, musician, typesetting enthusiast, gamer, and GNU Wget Project Maintainer. http://micah.cowan.name/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIhOM97M8hyUobTrERAu94AJ9fO6LT+mn0M/2pEG1KS+7pwpKDBACcDnMj AfJSnm3pJeKrQkEFlOeuyFk= =9p3c -----END PGP SIGNATURE-----
