Henrik van Ginhoven <[EMAIL PROTECTED]> writes: > problem, I agree. On large networks some evil-minded person could > write a tiny cron-script that ran once every 5 minutes or so to > parse ps-output looking for nothing but passwords,
Note that the standard workaround for this problem, which is now even documented in the manual, is to use the `-i -' option. For example: wget -i - http://user:[EMAIL PROTECTED]/directory/file ^D But I agree that's just a workaround. I'm now more open to the idea of introducing a prompting feature. The worst case scenario is that any page whatsoever can stop recursion by sending a WWW-Authenticate header and causing Wget to prompt, long after the user has left the keyboard, confident that the download is in progress. >> wget shows username:*password* in its output, is this supposed to >> make us think the program is protecting that password from prying >> eyes in some way? > > Yes, as you know it's not perfect but it would be quite silly to > actually print the password and the username on the screen don't you > agree? I don't think anyone ever thought of it as a way to make you > believe the password is well protected.. Exactly.
