[FX.php List] Proposed Auth Method Change to FX.php
Nick
whatdoyouwant at gmail.com
Thu Jan 29 14:41:21 MST 2015
I seem to remember the reason we didn't do this in the past was to support
an old version of PHP.
On Fri, Jan 9, 2015 at 8:31 AM, Atsushi Matsuo <matsuo_atsushi at mac.com>
wrote:
> Hi,
>
> '--anyauth' option of curl command uses the most secure one the remote
> site claims to support.
>
> http://curl.haxx.se/docs/manpage.html#--anyauth
>
> And FileMaker Web Publishing Engine seem not to support HTTP digest
> authentication.
> The following request returns '401 Unauthorized' if specifying '--digest'
> instead of '--basic'.
>
> $ curl -u USERNAME:PASSWORD --digest "
> http://127.0.0.1/fmi/xml/fmresultset.xml?-db=DBNAME&-lay=LAYOUTNAME&-findall&-max=1
> "
>
> I think using CURLAUTH_BASIC instead of CURLAUTH_ANY is better.
>
> --
> Atsushi Matsuo
> http://www.famlog.jp/
> http://inter-mediator.org/
>
>
> 2015/01/09 3:02、Chris Hansen <chris at iViking.org> wrotes:
> > This a question that likely only effects a few experts out there...
> There’s a pull request right now on github that would change FX.php to
> explicitly use Basic HTTP authentication. Presently the cURL option in
> there is CURLAUTH_ANY, which means that "cURL will poll the server to see
> what methods it supports and pick the best one [of four possibilites]."
> There are more details (under CURLAUTH_ANY) here:
> >
> > http://us1.php.net/manual/en/function.curl-setopt.php
> >
> > Is there anyone whose FileMaker web setup is using other than BASIC
> authentication?
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.iviking.org/pipermail/fx.php_list/attachments/20150129/b2e8f6c5/attachment.html
More information about the FX.php_List
mailing list