On 10/27/2010 03:24 AM, Marek Hudik wrote: > Hi, > could you please help me with wget usage. > I am using wget to download a report from my app. I get difference behavior > for 1.10 and later versions.
Try with --auth-no-challenge. It was removed as default behavior because it was an insecure default (sends password as cleartext, available to snoopers). The way it's supposed to work is you make the request, then the server challenges you to authenticate (hopefully more secure options than cleartext passwords), then you submit the proper authentication and obtain the resource. Unfortunately, some servers (such as the one giving you trouble, probably), rather than responding to the initial authenticationless request with the proper challenge, just send an error. This means that you have to go through the annoying extra step of adding the option I mentioned (or enabling it in your .wgetrc), but without requiring you to do that, it would be impossible to avoid sending cleartext passwords to those sites that support it (other than HTTPS sites). Hope that helps, -mjc
