I’ve used htaccess to protect folders, while allowing convenient access for clients by simply embedding their login and password in the URL (as in “http://user:firstname.lastname@example.org”).
I know that including the password in the URL isn’t the safest thing to do, but it’s reasonably safe for my needs and makes it ultra convenient for my clients to access the folder without having to fill in the authentication prompt.
Problem: IE7 now disallows URLs with embedded logins.
So how can I achieve the same result without relying on an embedded password in the URL?
I’d be okay with writing a CGI to handle the authentication if there was some way it could forward the user to the protected directory without embedding the password in the URL which IE7 will choke on.
Is there some way to use redirect, or maybe even mod_rewrite, to do what I’m looking for?
Is there some other way to protect a directory other thn htaccess which I might have been luck handling in a CGI?
Thanks in advance for any tips you can share -