[wp-trac] [WordPress Trac] #10825: Flash Uploader Breaks with HTTP Authentication
WordPress Trac
wp-trac at lists.automattic.com
Sat Sep 26 10:03:00 UTC 2009
#10825: Flash Uploader Breaks with HTTP Authentication
--------------------------+-------------------------------------------------
Reporter: selling | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Unassigned
Component: Upload | Version: 2.8.4
Severity: normal | Keywords:
--------------------------+-------------------------------------------------
Comment(by hakre):
But why doesn't the flash plugin support that? It should use the browser
for doing the http requests, shouldn't it?
False: "The SWF tried to upload a file to a server that requires
authentication (such as a user name and password). During upload, Flash
Player does not provide a means for users to enter passwords."
[http://livedocs.adobe.com/flash/9.0/main/00000320.html Flash CS3 (9.0)
Documentation]
So there is no way to integrate flash uploads with httpd auth properly.
keep this in mind for security reasons.
This is a snippet for a .htaccess to exclude {{{async-upload.php}}} from
requiering authentication:
{{{
# Exclude the file upload script from authentication
<FilesMatch "(async-upload\.php)$">
Satisfy Any
Order allow,deny
Allow from all
Deny from none
</FilesMatch>
}}}
More information is available in the link posted by johnbillion.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10825#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list