[Cyberduck-trac] [Cyberduck] #7348: No Option to Specify HTTP Digest Authentication
Cyberduck
trac at trac.cyberduck.ch
Mon Jul 15 23:51:47 UTC 2013
#7348: No Option to Specify HTTP Digest Authentication
-------------------------------+-------------------
Reporter: thornton prime | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: core | Version: 4.3.1
Severity: normal | Keywords:
Architecture: | Platform:
-------------------------------+-------------------
CyberDuck always tries a HTTP/Authenticate with Basic with WebDAV first,
even if the connection is not protected with SSL or TLS.
WebDAV RFC 4918 (sect 20.1) states "Basic authentication MUST NOT be used
to authenticate a WebDAV client to a server unless the connection is
secure."
--
Ticket URL: <https://trac.cyberduck.ch/ticket/7348>
Cyberduck <http://cyberduck.ch>
Open source FTP, SFTP, WebDAV, Cloud Files, Google Docs & Amazon S3 Browser for Mac & Windows.
More information about the Cyberduck-trac
mailing list