Questions tagged [http-basic-auth]

HTTP basic auth is an authentication mechanism used for websites over the HTTP protocol. It is commonly recogniced by a browser password prompt.

22 questions

votes

1 answer

Why would image resources loaded from different origins triggering HTTP authentication dialogs be harmful?

From https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication, it says: A potential security hole that has recently been fixed by browsers is authentication of cross-site images. From Firefox 59 onwards, image resources loaded from…

http-basic-auth

asked Sep 05 '19 at 03:37

Rick

1,037
1
9
24

votes

2 answers

Any downside to using basic authentication over HTTPS in addition to native authentication?

Can basic authentication over HTTPS do any harm on a personal one-user server if used in addition to native authentication provided by individual web applications?

http-basic-auth

asked Aug 18 '19 at 16:24

Mihai Nagy

votes

2 answers

HTTP Basic Auth question

I am using HTTP Basic Auth to authenticate the user. Once authenticated, I set req.session.loggedIn = true on the server-side. If a user makes requests after being logged in, for security purposes, should I just check the session loggedIn value or…

http-basic-auth

asked Sep 24 '20 at 16:32

jpj