Closed Thread Icon

Topic awaiting preservation: This is going to be an amateur question... (Page 1 of 1) Pages that link to <a href="http://ozoneasylum.com/backlink?for=13108" title="Pages that link to Topic awaiting preservation: This is going to be an amateur question... (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: This is going to be an amateur question... <span class="small">(Page 1 of 1)</span>\

 
Red Ninja
Bipolar (III) Inmate

From: Detroit, MI US
Insane since: Mar 2001

posted posted 03-25-2004 00:54

But I can't get around having to ask. Also, this is my best guess as to where this topic belongs.

I have a link:
<a href="http://nobody:nobody@www.domain.com/login/login.php">Click, baby!</a>

and this goes to an area where htaccess is already set up. I know it works; how much simpler can you get it? The problem is that it doesn't work on ONE person's computer that I know and her browser settings are not the problem. Let me rephrase that... I don't THINK the browser settings are the problem, but I'm not a browser settings guru. Anyway, she can log in on the standard popup, but the link itself will NOT automatically log her in. My code is right and it works everywhere I've checked so far except on her computer.

So, anyone know under which circumstances this may occur? Or maybe you may tell me of some known issues that I just don't happen to know about? I've never ever had a problem using this method before, so I'm pretty puzzled.


Cameron
Bipolar (III) Inmate

From: Brisbane
Insane since: Jan 2003

posted posted 03-25-2004 01:32

That is a strange one. Technically, it really *should* work.

The first thing I'd do is poke through the server logs to try and see what's happening when she tries to access that page. If that fails...

Does she get the u prompt again or just get taken straight to a "forbidden" error page?

Maybe the link/bookmark she has, has been tampered with or is simply wrong. Do you know what browser she is using and the security settings that have been set on it?

Perhaps she has changed her password and the link she now has is invalid.

Edit: *checks 'disable Slimies' *...

[This message has been edited by Cameron (edited 03-25-2004).]

Red Ninja
Bipolar (III) Inmate

From: Detroit, MI US
Insane since: Mar 2001

posted posted 03-25-2004 01:44

I'll check the server logs, but when the link is clicked, she doesn't get anything. It says page cannot be found and that's it. Same thing if you were to type it directly into the url bar. However, when typing the page location directly into the url without username and password, the prompt does come up and navigate exactly as it should. For some reason something is preventing her from using logins in urls.

The browser is IE 6 and the settings are to "prompt for username and password", which works for MY computer. She's running windows xp, so it can't be the os. But this is the same woman whose Macromedia FTP will not connect through homesite for whatever reason and the WS_FTP cannot automatically upload when finished editing in notepad. I'm really quite lost.

shapirac
Obsessive-Compulsive (I) Inmate

From:
Insane since: Mar 2004

posted posted 03-25-2004 08:31

Few weeks ago Microsoft released a security update for IE 6.0, that disables the ability to have links like "http://username assword@myurl.com".

I assume this is what you encountered.

I'm pretty sure there is some registry settings you can do to enable those urls again, but I can't find it now.

Tyberius Prime
Paranoid (IV) Mad Scientist with Finglongers

From: Germany
Insane since: Sep 2001

posted posted 03-25-2004 09:43

Indeed, MS turned that off with a recent security update.

I suggest you read this link: @-notation was never legal in HTTP URLs anyway


Still want it?
Then , HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE, a dword value called 'iexplore.exe' with a value of '0' is supposed to turn it on gaain, or so I heard.
Use at your own risk.


And next time, a more content describing topic would be a nice idea... you know, like '@username assword links don't work on one machine, why?'.
Thanks.

So long,

Tyberius Prime

DL-44
Maniac (V) Inmate

From: under the bed
Insane since: Feb 2000

posted posted 03-25-2004 18:00
quote:
assword links don't work



I hate it when asswords stop working...



Red Ninja
Bipolar (III) Inmate

From: Detroit, MI US
Insane since: Mar 2001

posted posted 03-25-2004 19:16

Surprising turn out on this one. Thanks for all of the help.

So, since it was there and it was working and people have come to rely on it, why take it out really? I haven't heard of any security issues, personally. Furthermore, they recommend workarounds for people that are still using this method. So why not just recommend workarounds instead of limiting everyone's functionality? Something sure is is smelly in Gatesland, Scoob.

Anyway, she has the pertinent update installed, so that IS the problem. Now all I have to do is a) figure out a way around it that doesn't fall in Microsoft's workaround recommendations (because they don't work around the issue in this case or any that I have needed this function for in the past) and b) figure out how Microsoft is making more money off of this. I did notice that they have only listed workarounds for .NET developers. Maybe this is supposed to be some sort of motivation to get people off of open source languages. Kind of like what they've been doing to Java. Luckily, it doesn't cease to work when there is a port, like so:

<a href="http://nobody:nobody@www.domain.com/login/login.php:2095">Click, baby!</a>

I was trying to use this to log out of .htaccess and starting a new session was the only thing I could find. This whole thing pretty much scuttles my boat, but I won't let the man get me down.

Thank you for your assistance.

Tyberius Prime
Paranoid (IV) Mad Scientist with Finglongers

From: Germany
Insane since: Sep 2001

posted posted 03-25-2004 20:14

darn slimies!

yeah, the registery 'fix' is hardly a fix - since you'd have to do it on each and every clients machine.

Hm, ports still work, huh? Riddle me that, but I don't even want to see the source of IE. I'm too scared.

« BackwardsOnwards »

Show Forum Drop Down Menu