eschulte pushed a commit to branch master
in repository elpa.
commit 8be3e3f4a1f1c6970a51fff39f55832f8370484b
Author: Eric Schulte <[email protected]>
Date: Thu Jan 2 23:11:05 2014 -0700
note: shouldn't use BASIC authentication w/o HTTPS
---
doc/web-server.texi | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/doc/web-server.texi b/doc/web-server.texi
index f74a63a..6821935 100644
--- a/doc/web-server.texi
+++ b/doc/web-server.texi
@@ -243,6 +243,12 @@ The client replies by setting the ``Authorization'' HTTP
header which
is parsed into a list of the form @code{(PROTOCOL USERNAME
. PASSWORD)}. Currently only BASIC HTTP authentication is supported.
+@noindent
+Note: BASIC HTTP authentication passes user credentials in plain text
+between the client and the server and should generally only be used
+with HTTPS network encryption. The Emacs web server currently doesn't
+support HTTPS network encryption.
+
@verbatiminclude ../examples/6-basic-authentication.el
@node Function Index, Copying, Usage Examples, Top
