Re: [thredds] [Opendap-tech] User and password in URL location file for NCML

John Caron wrote:
I have been reluctant to add username:password support because:

  1. it's so obviously insecure. IE apparentlly no longer supports it, at least 
as a default.
2. i believe username:password is not really part of a URL, but something the client (eg browser) parses and transforms to HTTP headers.

It is part of the URL/URI scheme (RFC 1738 and 2396), but the RFCs explicitly recommend against its use. But I think that in cases like this the syntax is useful, and if you use digest authentication the password is secure.


  • 2007 messages navigation, sorted by:
    1. Thread
    2. Subject
    3. Author
    4. Date
    5. ↑ Table Of Contents
  • Search the thredds archives: