authorization - HTTP Preauthorization -
I have a form that asks for the user and password (authentication). After user post (hits ok) I want to redirect the user who uses basic apache of apache. It happens that the way users and passwords are typed, they are really credentials for certifying me who want the solution so that the user can not be asked for a password at another address. So far, I was able to pass "Authorization: Basic" Base 64_ encoded user and password with 'Curl' (using GET), and get the response I needed (for example, Test / Index.html's content) However, with this priority, there is a curl to get information instead of redirecting my browser. That is, if I type in the address bar, then the password will be repeated again. No idea? Any explanation is necessary?
The problem is that the authorization status is kept in the browser And there is no reality. It is authorized to tell the browser.
Most systems rely on cookie system, but the original / dig is the EST HTTP or HTP header. Therefore, only the browser can set them up .
I should say, every day for normal requests - Maybe that (I'm not sure) be able to set the headers in XHR.
Comments
Post a Comment