by snthd 838 days ago
"private secure links" are indistinguishable from any other link.

With HTTP auth links you know the password is a password, so these tools would know which part to hide from public display:

> https://username:password@example.com/page

1 comments

I think it's quite funny that the URL spec has a section dedicated to authentication, only for web devs to invent ways to pass authentication data in any way but using the built-in security mechanism.

I know there are valid reasons (the "are you sure you want to log in as username on example.com?" prompt for example) but this is just one of the many ways web dev has built hacks upon hacks where implementing standards would've sufficed. See also: S3 vs WebDAV.
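The distinction raised in the top post, as an added example that is not part of either comment: a display or log scrubber can mask the password in a URL's userinfo component because the syntax marks it, while a link whose secret sits in the path passes through unchanged. The names `redact_url`, `redact_text` and `MASK`, and every sample URL other than the one quoted above, are constructed for this illustration.

```python
import re
from urllib.parse import urlsplit, urlunsplit

# Candidate http(s) URLs in free text, up to whitespace or a quote/angle bracket.
URL_RE = re.compile(r"\bhttps?://[^\s<>\"']+", re.IGNORECASE)

MASK = "REDACTED"  # constructed placeholder shown in place of the password


def redact_url(url: str) -> str:
    """Return url with the password in its userinfo component masked."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return url  # unparseable (e.g. malformed IPv6 literal): leave as-is
    netloc = parts.netloc
    if "@" not in netloc:
        # No userinfo. A secret token in the path or query looks like any
        # other path segment, so nothing here can be identified and hidden.
        return url
    # The host begins after the LAST "@", so an unescaped "@" inside the
    # password stays on the userinfo side.
    userinfo, _, hostport = netloc.rpartition("@")
    user, sep, _password = userinfo.partition(":")
    if not sep:
        return url  # username only, no password field to hide
    return urlunsplit(parts._replace(netloc=f"{user}:{MASK}@{hostport}"))


def redact_text(text: str) -> str:
    """Mask userinfo passwords in every http(s) URL found in text."""
    return URL_RE.sub(lambda m: redact_url(m.group(0)), text)


if __name__ == "__main__":
    # Constructed sample line: one HTTP-auth link, one "secret link".
    line = ("fetched https://username:password@example.com/page "
            "then https://example.com/share/3f9c2a7e")
    print(redact_text(line))
```
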