[Cyberduck-trac] [Cyberduck] #7348: No Option to Specify HTTP Digest Authentication
Cyberduck
trac at trac.cyberduck.ch
Wed Aug 21 17:40:04 UTC 2013
#7348: No Option to Specify HTTP Digest Authentication
----------------------------+------------------------
Reporter: thornton prime | Owner: dkocher
Type: defect | Status: closed
Priority: normal | Milestone: 4.4
Component: webdav | Version: 4.3.1
Severity: normal | Resolution: fixed
Keywords: | Architecture:
Platform: |
----------------------------+------------------------
Comment (by thornton prime):
Pre-emptively sending credentials amounts to a security disclosure. You
are sending credentials that can easily be converted to plain text.
Also, I still can't get it to work with R12552, even with
webdav.basic.preemptive set to false.
See attached in R12552 it warns me the connect is unsecurred, even though
I'm using SSL and it still tries to use basic authentication, even when I
have pre-emptive basic authentication disabled.
--
Ticket URL: <https://trac.cyberduck.ch/ticket/7348#comment:3>
Cyberduck <http://cyberduck.ch>
Open source FTP, SFTP, WebDAV, Cloud Files, Google Docs & Amazon S3 Browser for Mac & Windows.
More information about the Cyberduck-trac
mailing list