开发者

Redirect to page with .htaccess password

开发者 https://www.devze.com 2023-03-09 07:53 出处:网络
Is it 开发者_Python百科possible to redirect a \'person\' to a folder on a website which is protected by a passworded .htaccess.

Is it 开发者_Python百科possible to redirect a 'person' to a folder on a website which is protected by a passworded .htaccess.

Possibly by the use of php or otherwise, other than the "http://user:pwd@web.site" way?

Or is it best just to script your own folder/file view of these protected areas.


Most browsers will issue warnings about the embedded username/password, as that sort of link has been traditionally abused by spammers to cloak their penis pill URLs behind "normal looking" links.

If you want to do an automatic login, redirect with an encrypted token of some sort that the protected site can decrypt and grant/deny access based on that.

In bare-bones form:

$raw_token = array('username' => 'joe', 'password' => '123', 'coming_from' => 'yoursite.com');
$crypted_token = base64_encode(do_some_encryption(json_encode($raw_token), 'the passphrase'));

header("Location: http://othersite.com?token=$crypted_token")

and then on the receiving end:

$crypted_token = $_GET['token'];
$raw_token = json_decode(do_some_decryption(base64_decode($crypted_token), 'the passphrase'));

$username = $raw_token['username'];
$password = $raw_token['password'];

do_login($username, $password);
0

精彩评论

暂无评论...
验证码 换一张
取 消