Is it possible to enable HTTP basic authentication in Internet Explorer?
Solution 1
The username:[email protected] construct was removed as a security feature. Storing passwords in plain text is a bad idea to start with, and this form of the url was a frequently used attack vector for phishing attacks. The article you link to lists some work-arounds... can you not just prompt the user to enter a password?
If you give a little more details about what you're doing, it's possible a better solution may be found.
Solution 2
Per the Knowledgebase article, this can be enabled by setting the DWORD
for iexplore.exe to 0 in:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
.
Doing so will enable you to browse to URLs using the syntax [user]:[password]@[url]
.
Related videos on Youtube
TRiG
A qualified chemist who somehow drifted into web development. I’ve learned (to a greater or lesser degree of accuracy) PHP and JavaScript, and would like to learn something completely different for the sake of it. I’m a weirdo who actually enjoys reading (and sometimes writing) technical documentation.
Updated on May 02, 2022Comments
-
TRiG almost 2 years
A URL such as
http://username:[email protected]/
does not work in Internet Explorer, as explained in the Microsoft Knowledgebase article “Internet Explorer does not support user names and passwords in Web site addresses”. I can’t find a proper workaround for this. I want just a simple link in a HTML document which works.The purpose of the exercise:
We have a website, with fairly secure cookie-based login. We have standard stats packages (Webalizer and AWStats) which use HTTP authentication. I want to give the administrator of the site a quick link to the stats. The link, which includes the password, will be available only to a logged in administrator. It’s no great security risk.
-
Quentin over 13 yearsThat's because there isn't a workaround.
-
TRiG over 13 yearsOkay. I'll give up on that idea, then.
-