[FX.php List] Proposed Auth Method Change to FX.php
matsuo_atsushi at mac.com
Fri Jan 9 07:31:22 MST 2015
'--anyauth' option of curl command uses the most secure one the remote site claims to support.
And FileMaker Web Publishing Engine seem not to support HTTP digest authentication.
The following request returns '401 Unauthorized' if specifying '--digest' instead of '--basic'.
$ curl -u USERNAME:PASSWORD --digest "http://127.0.0.1/fmi/xml/fmresultset.xml?-db=DBNAME&-lay=LAYOUTNAME&-findall&-max=1"
I think using CURLAUTH_BASIC instead of CURLAUTH_ANY is better.
2015/01/09 3:02、Chris Hansen <chris at iViking.org> wrotes:
> This a question that likely only effects a few experts out there... There’s a pull request right now on github that would change FX.php to explicitly use Basic HTTP authentication. Presently the cURL option in there is CURLAUTH_ANY, which means that "cURL will poll the server to see what methods it supports and pick the best one [of four possibilites]." There are more details (under CURLAUTH_ANY) here:
> Is there anyone whose FileMaker web setup is using other than BASIC authentication?
More information about the FX.php_List