[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #57686] Basic Auth: make auth-no-challenge mode by default
From: |
Sergey Ponomarev |
Subject: |
[bug #57686] Basic Auth: make auth-no-challenge mode by default |
Date: |
Wed, 29 Jan 2020 08:23:37 -0500 (EST) |
User-agent: |
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:72.0) Gecko/20100101 Firefox/72.0 |
Follow-up Comment #1, bug #57686 (project wget):
Ok, I figured out that the main reason for the challenge was not a security
but because we don't know which auth scheme uses server: basic or digest. So
in the response for the first request server returns `WWW-Auth digest` then it
will send password hash instead of clear password as for basic auth.
curl have an option -anyuth that works as wget by default.
So we can make `--auth-no-challenge` by default (i.e. send credentials without
pre-request) and add the same `-anyauth` option as curl have for those who
previous behavior.
I.e. make wget working the same as curl.
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?57686>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/