Hacker News new | ask | show | jobs
by lhazlewood 4818 days ago
Depends on the UA (curl?)
2 comments
jimktrains2 4818 days ago
OK, so it'll either add an auth header or not know what to do and refuse to do anything. Either way the password is not sent in the request url
link
jimktrains2 4817 days ago
Actually, I mused have screwed up last night. The version of curl I have does support it and does put it into the Auth header.

  % curl --trace-ascii /dev/stdout http://jimktrains:password@news.ycombinator.com
  == Info: About to connect() to news.ycombinator.com port 80 (#0)
  == Info:   Trying 184.172.10.74... == Info: connected
  == Info: Server auth using Basic with user 'jimktrains'
  => Send header, 223 bytes (0xdf)
  0000: GET / HTTP/1.1
  0010: Authorization: Basic amlta3RyYWluczpwYXNzd29yZA==
  .......
Some UAs however, do just drop it. Like IE (http://support.microsoft.com/kb/834489)
link
jes5199 4818 days ago
Even curl does the right thing for basic auth
link