Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > webappsec > 02 > 110064.html (Request Expert securityfocus.com Support)

Re: HTTP authentication and session timeout

From: Craig Skelton <craig(at)craigskelton.com>
Date: Mon Nov 25 2002 - 20:09:09 EST

Hmm. Perhaps I wasn't clear.

You are correct, the browser sends the auth string. That's what I get for sending email prior to the first cup of coffee.

In perl (CGI), try this:
#!/usr/local/bin/perl
$url = "http://loggedout:blank@the.current.url"; print "Location: $url \n\n";

or in php try this:
<?php header( 'Location: http://loggedout:blank@the.current.url' ); ?>

or in asp try this:
<% Response.Redirect "http://loggedout:blank@the.current.url" %>

  • Original Message ----- From: "Jason Coombs" <jasonc@science.org> To: "Craig Skelton" <craig@craigskelton.com>; <webappsec@securityfocus.com>; "'UDP 53'" <udp53@hotmail.com> Sent: Monday, November 25, 2002 11:53 AM Subject: RE: HTTP authentication and session timeout

> Re-read RFC 2617
instead
> by all browsers while Realm is merely eye candy for the end-user.
base64
> encoded pair. From the server side, you can override the current auth
Received on Tue Nov 26 04:15:44 2002

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:44 EDT

Do you need help?X
Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library