|
|
|
|
|
|
by chii
1209 days ago
|
|
|
with basic authentication, you cannot embed the decryption key into the url via a hash fragment. This means you must have a secondary channel to communicate to the user about the password, and the server must also know the password. So depending on your use-case, the basic auth isn't suitable. For example, mega : https://en.wikipedia.org/wiki/Mega_(service) , in which you want to ensure that the decrypted data is _not_ accessible to the server, so the key is not stored nor sent to the server! |
|
|
//<user>:<pass>@<url>[:<port>][/<location>]/
It doesn’t work on IE classic, but should still be perfectly valid on Chrome, Safari, Firefox, etc.
1 - https://www.ietf.org/rfc/rfc1738.txt