Getting round website authentication with Firefox

account.throw_at_gmail.com
Date: 07/25/05

  • Next message: Sune Kloppenborg Jeppesen: "[ GLSA 200507-24 ] Mozilla Suite: Multiple vulnerabilities" 
    Date: 24 Jul 2005 23:52:11 -0000
To: bugtraq@securityfocus.com
    ('binary' encoding is not supported, stored as-is) Using firefox's "save target as" feature, you can get round web authentication.

    Make a password protected directory (with a video file inside) (using .htaccess and htpasswd), check that it actully requires a login when you click the link to the video normally, then create a hyperlink to the file, right click save as - oh snap, it doesn't ask for authentication.

    I've only tested it with a video file and Firefox 1.0.6.

  • Next message: Sune Kloppenborg Jeppesen: "[ GLSA 200507-24 ] Mozilla Suite: Multiple vulnerabilities"

    Relevant Pages

    • Re: how to make my RAID device WORM(write once and read many)
      ... I formated the target device in vfat, ... >i am mounting the device in host machine it should ... for which purpose do you need this feature? ... database with add-only interface and allow ...
      (freebsd-questions)
    • Re: CFO: Why ./configure?
      ... > translation rules are missing, then the translation is impossible on/for that ... > target platform, and only the installation of an more appropriate translator ... or "Should I enable feature X?" ...
      (comp.os.linux.development.apps)
    • Re: What is Forth?
      ... feature of Forth was great. ... features for developers than developing directly on the target. ... direct comparison between Forth and C is silly. ... only use Forth versus programmers who only use C. ...
      (comp.lang.forth)
    • Re: inner classes in python as inner classes in Java
      ... > have the same semantics whether target was already bound to something ... Even smalltalk has this feature.. ... for inner class instances?? ... It's like inner method.. ...
      (comp.lang.python)
    • Re: What is Forth?
      ... Again, when the year was 1980 and development machines were costly, this feature of Forth was great. ... umbilical Forth models offer far more features for developers than developing directly on the target. ... But the same can be done by starting more simply than Forth itself-- writing a small monitor (typically to read memory, write memory, and execute code) over some communications channel. ... Any competent embedded systems programmer can probably write that in a couple hours, connect that up to a full-featured Forth on some development machine, and then write some simple interface words. ...
      (comp.lang.forth)