lynx-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

lynx-dev ftp://user:address@hidden too much unencripted info


From: Leonid Pauzner
Subject: lynx-dev ftp://user:address@hidden too much unencripted info
Date: Mon, 8 Nov 1999 18:47:44 +0300 (MSK)

I happen to visit non-anonymous ftp account with lynx.
When I start with ftp://user:address@hidden
                            ^^^^^^
I see that prefix with username and password unencripted
for all URLs shown from lynx: in Advanced mode statusline
while navigating across directories; in History/VisitedLinks/Info
pages... Although it is documented in "URL Schemes Supported in Lynx"
it would be nice to strip password from that kind of visual output
for privacy conserns.


     _________________________________________________________________

The ftp URL:

   The ftp URL has the general format:
      ftp://username:address@hidden:port/path;type=[D,I, or A]

   The default port is :21 and the default username is anonymous. If
   username is included but not :password, Lynx will prompt you for the
   password. This is recommended, as otherwise the URL will have it
   completely unencrypted. Do not include the @ if neither username nor
...

----> From the other hand, if I have *not* added any trailing slash
----> after the host name - it will be added automatically by lynx...
----> It is a pity that lynx ftp output differs in that respect whether I
----> use Squid for ftp_proxy or set no_proxy...

   For Unix and Unix-emulation ftp servers, RFC1738 is not respected and
   the lead slash is treated as the root, i.e., the /path is handled
   equivalently to that in file URLs. The distinction is irrelevant for
   anonymous ftp, but matters when using ftp for non-anonymous accounts.
   If you are using ftp with a Unix server and do wish to get a listing
   of the login directory or have the path string treated as a file or
   path under the login directory, include a tilde (~) as for file URLs,
   e.g.:
      ftp://address@hidden/~
     _________________________________________________________________

The telnet, tn3270, and rlogin URLs:

   A telnet URL generally results in Lynx spawning a telnet session. Lynx
   implements the complete telnet URL scheme, i.e.:
      telnet://user:address@hidden:port
...

   It is unwise to include the :password field except for URLs which
   point to anonymous or other public access accounts, and for most
   TCP-IP software you will be prompted for a password whether or not one
   was included in the URL.
     _________________________________________________________________




reply via email to

[Prev in Thread] Current Thread [Next in Thread]