Hi,
I'm wondering what the security implications are of using a form to post the username and password to .htaccess. Something like: http://loginname:password@www.domain.com/password_protected_dir/
> Browsers history files, referer information and so...
----
I want to avoid the pop-up-box, so I want to check the username and password with a script, then post the username and password to a htaccess protected dir. Just because then I'm able to use $ENV{'REMOTE_USER'} to offer custom pages to logged in users. Sound smart or stupid?
I'm wondering what the security implications are of using a form to post the username and password to .htaccess. Something like: http://loginname:password@www.domain.com/password_protected_dir/
> Browsers history files, referer information and so...
----
I want to avoid the pop-up-box, so I want to check the username and password with a script, then post the username and password to a htaccess protected dir. Just because then I'm able to use $ENV{'REMOTE_USER'} to offer custom pages to logged in users. Sound smart or stupid?