Author Topic: User id & password in url  (Read 1795 times)

0 Members and 1 Guest are viewing this topic.

Haddood

  • $upporter
  • Hero Member
  • *****
  • Posts: 688
  • Karma: 22
    • View Profile
User id & password in url
« on: January 19, 2015, 02:19:21 PM »
Ie and Chrome has dropped passing user id and password in url ...


So something like
Http://user:pass@domain.ca

Won't work anymore

Will that affect scrape, robob & other commands in VC?
When Voice command gets tough, use hand gestures

jitterjames

  • Administrator
  • Hero Member
  • *****
  • Posts: 7714
  • Karma: 116
    • View Profile
    • VoxCommando
Re: User id & password in url
« Reply #1 on: January 19, 2015, 03:02:38 PM »
Can you refer us to some kind of source for this information?

I don't think it will change anything.  It will probably come down to how individual servers deal with authentication.  There are many different methods.

Haddood

  • $upporter
  • Hero Member
  • *****
  • Posts: 688
  • Karma: 22
    • View Profile
Re: User id & password in url
« Reply #2 on: January 20, 2015, 01:07:30 PM »
can't find the original source ... :( I was looking to create a command to update the IP automatically with no-ip ... and read it somewhere .. and when I try

http://user:pass@dynupdate.no-ip.com/nic/update?hostname=domain.com&myip=198.48.129.133

however I found this (I can only access the cached page):
http://webcache.googleusercontent.com/search?q=cache:P_CAOhmuLAkJ:support.microsoft.com/kb/834489+&cd=9&hl=en&ct=clnk&gl=ca
When Voice command gets tough, use hand gestures

jitterjames

  • Administrator
  • Hero Member
  • *****
  • Posts: 7714
  • Karma: 116
    • View Profile
    • VoxCommando
Re: User id & password in url
« Reply #3 on: January 20, 2015, 01:20:59 PM »
Sounds like it only affects recent versions of IE so probably won't matter in a scrape action but might affect RoboBrowser.

But it will still depend on what kind of authorisation methods the server accepts.  If IE no longer supports this method then the number of servers that allow it in the future may go down.

nime5ter

  • Administrator
  • Hero Member
  • *****
  • Posts: 1999
  • Karma: 61
    • View Profile
    • Getting Started with VoxCommando
Re: User id & password in url
« Reply #4 on: January 20, 2015, 01:38:30 PM »
however I found this (I can only access the cached page):
http://webcache.googleusercontent.com/search?q=cache:P_CAOhmuLAkJ:support.microsoft.com/kb/834489+&cd=9&hl=en&ct=clnk&gl=ca

http://support.microsoft.com/kb/834489#LetMeFixItMyselfAlways

But in terms of the Scrape actions, that kind of basic authorization is generally handled by using the "username" and "password" parameter fields, so there is no need to use the user:pwd@address.com format of URL. Just enter the core URL and put the username and password in the appropriate fields. http://voxcommando.com/mediawiki/index.php?title=Actions#Scrape
« Last Edit: February 15, 2015, 04:27:23 PM by nime5ter »
TIPS: POST VC VERSION #. Explain what you want VC to do. Say what you've tried & what happened, or post a video demo. Attach VC log. Link to instructions followed.  Post your command (xml)

Haddood

  • $upporter
  • Hero Member
  • *****
  • Posts: 688
  • Karma: 22
    • View Profile
Re: User id & password in url
« Reply #5 on: January 20, 2015, 01:49:55 PM »
I think chrome is doing the same and other browsers are following ...
I believe the idea is to avoid exposing the credentials ... technically anyone sniffing the traffic will get usernames and passwords on a golden platter
When Voice command gets tough, use hand gestures