WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED INVALID
19189
Invalid Warning For HTTP Digest Authentication
https://bugs.webkit.org/show_bug.cgi?id=19189
Summary
Invalid Warning For HTTP Digest Authentication
dac514
Reported
2008-05-22 08:00:27 PDT
When using HTTP Digest Authentication, Safari warns "Your password will be sent in the clear" which is not a true statement. This is problematic because it makes a login that is (more or less) secure seem very insecure to the user. If you want a quick way to setup HTTP Digest Authentication, phpMyID uses it. Otherwise, Apache has mod_auth_digest which is also easy to setup. @see:
http://en.wikipedia.org/wiki/Digest_access_authentication
http://siege.org/projects/phpMyID/
http://httpd.apache.org/docs/1.3/howto/auth.html#digest
Attachments
Add attachment
proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1
2008-05-22 12:00:23 PDT
<
rdar://problem/5956669
>
Mark Rowe (bdash)
Comment 2
2008-05-22 13:08:44 PDT
This issue is not in WebKit, but the CFNetwork framework that WebKit uses for network communication. It was fixed in Mac OS X 10.5. Closing bug as INVALID to indicate that the bug is outside of WebKit.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug