Skip to content
This repository has been archived by the owner on Aug 2, 2019. It is now read-only.

Add a configuration variable to accept or not Basic authentication #186

Open
almet opened this issue Jul 31, 2014 · 0 comments
Open

Add a configuration variable to accept or not Basic authentication #186

almet opened this issue Jul 31, 2014 · 0 comments

Comments

@almet
Copy link
Member

almet commented Jul 31, 2014

Basic authentication shouldn't be enabled by default, I think, but we could let it as an option for the user.

Rationale is that if we're using the hawk tokens with Basic auth in a non-ssl environment, then we leak them pretty badly, so we shouldn't allow that without yelling at the user.

Another way to solve the problem is to ditch out completely the Basic Auth support, or maybe call out users to not rely on that in the documentation.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

2 participants