[1115] in WWW Security List Archive
Re: FTP Security
daemon@ATHENA.MIT.EDU (Henrik Frystyk Nielsen)
Fri Nov 3 15:45:25 1995
To: John Stewart <jns@cisco.com>
Cc: om@pc.isl.goldstar.co.kr, www-security@ns2.rutgers.edu
Reply-To: Henrik Frystyk Nielsen <frystyk@w3.org>
Date: Fri, 03 Nov 1995 12:07:51 -0500
From: Henrik Frystyk Nielsen <frystyk@w3.org>
Errors-To: owner-www-security@ns2.rutgers.edu
> Netscape doesn't have this restriction. You can specify
>
> http://user@host/directory/file
>
> and it will prompt you for a password in a different style dialogue
> box than the normal authentication box. I was appalled to learn that
> all other browsers don't understand this convention, and if fact _we_
> are going to have to implement something similar since we're changing
> the CIO ftp system for Cisco.
>
> I just wish all browsers did the FTP protocol correctly.
Oh - all applications build on top of the W3C Reference Library have had this
feature for a long time. It also support both PASV and PORT which is required
to handle firewalls in a sensible manner.
For more information, look at
http://www.w3.org/pub/WWW/Library/
--
Henrik Frystyk Nielsen, <frystyk@w3.org>
World-Wide Web Consortium, MIT/LCS NE43-356
545 Technology Square, Cambridge MA 02139, USA
