Re: website directory access

2001-02-01 Thread Philip Newton

Robin Houston wrote:
> On Thu, Feb 01, 2001 at 02:24:08PM +0100, Philip Newton wrote:
> > Michael Stevens wrote:
> > > You could give out urls with the usernames and passwords in?
> > 
> > Were you thinking of
> > http://username:[EMAIL PROTECTED]/pics/drunkenperlmongers.jpg
> > ? No such thing; RTFRFC for more info.
> 
> There may well be no such thing, but since it works in just about
> every user agent, including LWP, that's a pretty bad argument against
> using it here in the Real World.

Hm. You're right; it works at least with MSIE and NS on Win32, also with
LWP. I had only tried it out on one site with Lynx (2.8.3rel1) and got a
"400 Bad Request: Your browser sent a request that this server could not
understand. Client sent malformed Host header", so I suppose Lynx sent
"username:[EMAIL PROTECTED]".

> It's a pretty obvious and compatible extension the the standard...

I'll give you that.

Cheers,
Philip



Re: website directory access

2001-02-01 Thread Michael Stevens

On Thu, Feb 01, 2001 at 02:24:08PM +0100, Philip Newton wrote:
> Michael Stevens wrote:
> > You could give out urls with the usernames and passwords in?
> Were you thinking of
> http://username:[EMAIL PROTECTED]/pics/drunkenperlmongers.jpg ? No
> such thing; RTFRFC for more info.

Being somewhat practical, they do tend to work.

Michael



Re: website directory access

2001-02-01 Thread Robin Houston

On Thu, Feb 01, 2001 at 02:24:08PM +0100, Philip Newton wrote:
> Michael Stevens wrote:
> > You could give out urls with the usernames and passwords in?
> 
> Were you thinking of
> http://username:[EMAIL PROTECTED]/pics/drunkenperlmongers.jpg ? No
> such thing; RTFRFC for more info.

There may well be no such thing, but since it works in just about
every user agent, including LWP, that's a pretty bad argument against
using it here in the Real World.

It's a pretty obvious and compatible extension the the standard...

 .robin.

-- 
"do not assume that you are in control of your own actions,
 but take responsibility for them anyway."



Re: website directory access

2001-02-01 Thread Robert Shiels

> >
> > I don't really like this, is there another way? I don't want to have to
> > resort to .htpasswd files, which is what I've implemented for now.
>
> er, what's wrong with them?
>
Well, publishing username/passwords to everyone who needs them is trickey,
and getting people to remember them is also hard.

For example, I took family photos, I want the whole family to look at them,
and anyone else who they give the link to, but my mum has enough trouble
connecting to the internet without remembering new usernames and passwords.

/Robert




Re: website directory access

2001-02-01 Thread David Cantrell

On Thu, Feb 01, 2001 at 01:02:03PM -, Robert Shiels wrote:

> For example, I took family photos, I want the whole family to look at them,
> and anyone else who they give the link to, but my mum has enough trouble
> connecting to the internet without remembering new usernames and passwords.

Username 'shiels' with no password?

-- 
David Cantrell | [EMAIL PROTECTED] | http://www.cantrell.org.uk/david/

   Any technology distinguishable from magic is insufficiently advanced

** I read encrypted mail first, so encrypt if your message is important **

 PGP signature


Re: website directory access

2001-02-01 Thread Michael Stevens

On Thu, Feb 01, 2001 at 01:02:03PM -, Robert Shiels wrote:
> Well, publishing username/passwords to everyone who needs them is trickey,
> and getting people to remember them is also hard.
> 
> For example, I took family photos, I want the whole family to look at them,
> and anyone else who they give the link to, but my mum has enough trouble
> connecting to the internet without remembering new usernames and passwords.

You could give out urls with the usernames and passwords in?

Michael



Re: website directory access

2001-02-01 Thread Philip Newton

Michael Stevens wrote:
> You could give out urls with the usernames and passwords in?

Were you thinking of
http://username:[EMAIL PROTECTED]/pics/drunkenperlmongers.jpg ? No
such thing; RTFRFC for more info.

Or were you thinking of
http://www.example.org/pics/show-pic.py?pic=drunkenperlmongers.jpg&user=user
&password=s33kr1t ? That should work.

Cheers,
Philip



Re: website directory access

2001-02-01 Thread Struan Donald

* at 01/02 12:35 - Robert Shiels said:
> 
> I don't really like this, is there another way? I don't want to have to
> resort to .htpasswd files, which is what I've implemented for now.

er, what's wrong with them? 
 
struan