Fix for using http://user:pass at [login to view URL] in IE. Microsoft intends to remove IE's support for this auth syntax (KB834489). We use this sytax in several perl cgi scripts as well as html links on our site to allow users to go directly to restricted pages without having to login. The pages are protected with .htaccess. In addition, we need to be able to send users an email with a link that will do the same. We need a good solution to replace these links. The best solution appears to be use of apache mod_auth_cookie module which is installed on the server. This allows setting session cookies that will supply the auth info in the html header.
## Deliverables
1) html code that we can substitute for this syntax (note that RAC won't let us print the common "at" character so we have used \at\ instead):
[Go To restricted dir][1] .
This new code will allow the user to click on the link and go directly to the .htaccess restricted directory without having to enter a username and password. In addition, indicate how to modify the .htaccess file (with AuthCookieName or similar) to work with this. We will continue to use apache .htaccess - don't try to implement a whole new login system. Security of the password is not an issue. They are currently in the HTML text and that is not a problem! The cookies don't have to be encrypted.
2) perl code to replace similar types of links that are produced by our cgi scripts. This will involve setting a session cookie that will work with AuthCookieName. Best if you could code a generic perl subroutine to set a cookie that we can add to the script.
3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement).
## Platform
apache server 2.0, perl 4, Internet Explorer 6.0 with latest security updates