.htaccess from perl script?

Discussion in 'Perl Misc' started by Mark, Jan 9, 2004.

  1. Mark

    Mark Guest

    Hi,

    I am trying to send a username and password from a perl script in
    order to access documents in a directory secured by a .htaccess file.
    I am using the location command to send the access details as part of
    the url as follows;

    print "Location:
    http://username:password\@www.mysite.com/docs/show.htm\n\n";

    The result is that the password box shows in the browser with the
    username and password entered correctly but the user has to click ok
    to access the documents.

    I would much prefer the password box not to appear at all. If I enter
    the url into the browser address window access is gained without the
    password window showing.

    Is there something I can add to the script to overcome this problem?

    Many thanks,
    Mark
     
    Mark, Jan 9, 2004
    #1
    1. Advertising

  2. In article <>,
    Mark <> wrote:
    :I am trying to send a username and password from a perl script in
    :eek:rder to access documents in a directory secured by a .htaccess file.
    :I am using the location command to send the access details as part of
    :the url as follows;

    :print "Location:
    :http://username:password\@www.mysite.com/docs/show.htm\n\n";

    :The result is that the password box shows in the browser with the
    :username and password entered correctly but the user has to click ok
    :to access the documents.

    You should be sending the credentials as part of the HTTP/1.1
    headers. See the http standards on how to send the credentials,
    or just sniff a session and read off the headers sent.
    --
    When your posts are all alone / and a user's on the phone/
    there's one place to check -- / Upstream!
    When you're in a hurry / and propagation is a worry/
    there's a place you can post -- / Upstream!
     
    Walter Roberson, Jan 9, 2004
    #2
    1. Advertising

  3. It was a dark and stormy night, and Mark managed to scribble:

    > Hi,
    >
    > I am trying to send a username and password from a perl script in
    > order to access documents in a directory secured by a .htaccess file.
    > I am using the location command to send the access details as part of
    > the url as follows;
    >
    > print "Location:
    > http://username:password\@www.mysite.com/docs/show.htm\n\n";
    >
    > The result is that the password box shows in the browser with the
    > username and password entered correctly but the user has to click ok
    > to access the documents.
    >
    > I would much prefer the password box not to appear at all. If I enter
    > the url into the browser address window access is gained without the
    > password window showing.
    >
    > Is there something I can add to the script to overcome this problem?
    >
    > Many thanks,
    > Mark


    I'm not sure what you're doing, but I use LPW:Simple, get() and userids/passwords all the time.
    Note that passwords usually secure the whole site, so you may need to pass userid/password everytime you use get().

    eg

    #!/usr/bin/perl
    use LWP::Simple;
    use strict;

    my $result=get("http://username:password\@www.mysite.com/docs/show.htm");


    gtoomey
     
    Gregory Toomey, Jan 10, 2004
    #3
  4. Mark

    Sisyphus Guest

    Gregory Toomey wrote:

    > eg
    >
    > #!/usr/bin/perl
    > use LWP::Simple;
    > use strict;
    >
    > my $result=get("http://username:password\@www.mysite.com/docs/show.htm");
    >


    Just curious - what do you do if the password contains an "@" symbol.
    Let's say the username is 'username' and the password is 'p@ssword':
    my $result=get("http://username:p\@ssword\@www.mysite.com/docs/show.htm");

    For me that would typically result in an error about not being able to
    find ''.

    I couldn't work out a solution.

    Cheers,
    Rob
    --
    To reply by email u have to take out the u in kalinaubears.
     
    Sisyphus, Jan 10, 2004
    #4
  5. >>>>> "Sisyphus" == Sisyphus <> writes:

    Sisyphus> Just curious - what do you do if the password contains an "@"
    Sisyphus> symbol. Let's say the username is 'username' and the password is
    Sisyphus> 'p@ssword':
    Sisyphus> my $result=get("http://username:p\@ssword\@www.mysite.com/docs/show.htm");

    Sisyphus> For me that would typically result in an error about not being able to
    Sisyphus> find ''.

    You URI-encode it. As always. @ is %40, unless i'm not awake yet.

    print "Just another Perl hacker,"

    --
    Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
    <> <URL:http://www.stonehenge.com/merlyn/>
    Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
    See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
     
    Randal L. Schwartz, Jan 10, 2004
    #5
  6. (Randal L. Schwartz) writes:
    >>>>>> "Sisyphus" == Sisyphus <> writes:

    > Sisyphus> Just curious - what do you do if the password contains an "@"
    > Sisyphus> symbol. Let's say the username is 'username' and the password is
    > Sisyphus> 'p@ssword':
    > Sisyphus> my $result=get("http://username:p\@ssword\@www.mysite.com/docs/show.htm");
    >
    > Sisyphus> For me that would typically result in an error about not being able to
    > Sisyphus> find ''.
    >
    > You URI-encode it. As always. @ is %40, unless i'm not awake yet.


    Or you're a lazy bastard and use URI::Escape. :)

    $ perl -MURI::Escape -e 'print uri_escape("@"), "\n"'
    %40

    -=Eric
    --
    Come to think of it, there are already a million monkeys on a million
    typewriters, and Usenet is NOTHING like Shakespeare.
    -- Blair Houghton.
     
    Eric Schwartz, Jan 12, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. dpackwood
    Replies:
    3
    Views:
    1,830
  2. Stoco

    .htaccess and perl cgi

    Stoco, Jan 12, 2004, in forum: Perl
    Replies:
    0
    Views:
    2,889
    Stoco
    Jan 12, 2004
  3. Nospam
    Replies:
    3
    Views:
    619
    Jerry Stuckle
    May 27, 2006
  4. Nospam
    Replies:
    3
    Views:
    730
    David Dorward
    Aug 15, 2006
  5. Apache htaccess and perl

    , Aug 5, 2006, in forum: Perl Misc
    Replies:
    6
    Views:
    311
Loading...

Share This Page