basic auth request
Robin Becker
robin at reportlab.com
Wed Aug 18 03:36:41 EDT 2021
On 17/08/2021 22:47, Jon Ribbens via Python-list wrote:
.......
> That's only true if you're not using HTTPS - and you should *never*
> not be using HTTPS, and that goes double if forms are being filled
> in and double again if passwords are being supplied.
>
I think I agree with most of the replies; I understood from reading the rfc that the charset is utf8 (presumably without
':') and that basic auth is considered insecure. It is being used over https so should avoid the simplest net scanning.
I googled a bunch of ways to do this, but many come down to 1) using the requests package or 2) setting up an opener.
Both of these seem to be much more complex than is required to add the header.
I thought there might be a shortcut or more elegant way to replace the old code, but it seems not
thanks
--
Robin Becker
More information about the Python-list
mailing list