[links-list] Re: HTTP Auth

Bennett Todd bet at rahul.net
Wed May 15 10:57:50 PDT 2002


2002-05-14-11:24:53 Petr Baudis:
> There's support for proxy auth in latest development ELinks releases.

Hot diggidy! Finally kicked me off my stump, got me to upgrade (I'd
been running an 0.95 build w/ SSL). Works like a champ!

> However, it's very simple - it's just done by option proxy_user
> and proxy_passwd, which are set ordinarily and which are appended
> to the header all the time.

Fair enough. If we were trying to polish this to the hilt, I'd
propose some slight changes to handling, but unless someone out
there is more demanding than me, this certainly wouldn't be a
high-priority adjustment --- I work from a very very hardened
machine, so storing the password in plaintext in a cfg file is Ok
for me.

For polished product, I'd suggest two tweaks:

(a) If the password is stored, store it base64-encoded or otherwise
    shrouded from trivial view by shoulder-surfers et al; and

(b) respond to 407 Proxy Authorization Required by popping up a
    requestor to interactively ask for the username and password
    (not echoing the password), with a checkbox indicating whether
    the user wants this saved in a file or not; by default just keep
    the proxy auth info in memory for the session.

But like I said, that'd be gravy; the current functionality works,
and I don't know that there's a big enough audience for anything
more to justify any more development effort expended on it.

Kudos!

-Bennett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/links-list/attachments/20020515/935abcc3/attachment.sig>


More information about the links-list mailing list