Hidden URL

Thu, 02 Mar 2000 11:11:08 -0700

Hello! I would like to be able to access a password protected directory by 
setting the userid and password within my script (HTML/Java Script/Perl - whatever). 
I am creating links (on the fly) to the files in the passowrd protected directory 
if the user is a valid member (based upon a database lookup). The members' 
userid and password IS NOT the same as the userid and password to access the 
directory as there are many members - one directory (therefore one userid and 
password). 
 
Sure, I could simply create the link as follows provided the member is valid: 
 
http://userid:password@www.domain.com/file.html 
 
but then everyone knows the userid and password and can send it to anyone. 
Is there an HTTP variable that I can set that tells the server the user is valid? 
Something that will simply allow me to create the link as: 
 
http://www.domain.com/file.html 
 
Or - is there a way to encrypt the userid and password in the URL? 
 
Thanks! 
CA

Re: Hidden URL

Sun, 19 Mar 2000 23:08:02 -0700

While this isn't the most secure way, you might try looking around for the GateKeeper script. it works like this: 
 
1) prompt user for "password" 
 
2) Try to access page using: 
http://www.theserver.com/directory/password.html 
 
Where password is what they entered in the box prompt, and the .html (or .htm) is tagged on to the end of it.

'Hidden URL' Thread RSS Feed

Hidden URL

Re: Hidden URL