Re: password

Austin S. Lin (austin@al2.com)
Sat, 14 Nov 1998 08:36:54 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Michael D. Smith: "Re: lwpcook.pod example problems"
Previous message: John Pham: "password"
In reply to: Austin S. Lin: "Re: password"
Reply: Austin S. Lin: "Re: password"

The username and password are encoded in Base64 (RFC 2045).  So "username"
and "password" are glued together with a ":" and encoded as:

$ perl -MMIME::Base64 -e 'print encode_base64("username:password"),"\n";'
dXNlcm5hbWU6cGFzc3dvcmQ=

The browser would send the following to the server:

  Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

This is as trivially decoded as it is encoded:

$ perl -MMIME::Base64 -e 'print decode_base64("dXNlcm5hbWU6cGFzc3dvcmQ="),"\n";'
username:password

- Austin S. Lin
  austin@AL2.com

On Fri, 13 Nov 1998, John Pham wrote:

> I'm pretty new at HTTP protocol and like to know how does browser like
> netscape and MS IE4 encode the password.  For example, if I login to a
> web page, and have to enter a user id and password.  How does a browser
> encrypt the password and transmit back?  I've been looking at CGI and
> HTTP RFC and either I miss it, or they didnt mention it.

Next message: Michael D. Smith: "Re: lwpcook.pod example problems"
Previous message: John Pham: "password"
In reply to: Austin S. Lin: "Re: password"
Reply: Austin S. Lin: "Re: password"