How does authentication http: // user: pass@host.com work ?

Question

How does authentication http: // user: pass@host.com work ?

Can someone explain how http: // user: pass@host.com authentication works ? If the browser sends a header Authorizationwith user:passin base-64 encoded?

I opened the Net console in the Chrome developer tools, and when I make a request, for example http://user:pass@stackoverflow.com, I do not see the header added Authorization.

I'm really curious how the browser sends the password if I use user:pass@before the url.

+5

http web http-authentication

bodacydo Oct 20 '11 at 12:35

source share

1 answer

Martin · Accepted Answer · 2011-10-20T15:25:11+0000

, , . Authorization, , , ( ).

HTTP- :

Authorization. WWW-Authenticate, , . ( , , )

Authorization. user:pass base64, :

Authorization: Basic dXNlcjpwYXNz

, https. -, WWW-Authenticate, Authorization .:)

How does authentication http: // user: pass@host.com work ?

More articles: