On Wed, Aug 18, 2021 at 4:16 AM Barry Scott <ba...@barrys-emacs.org> wrote: > Oh and if you have the freedom avoid Basic Auth as its not secure at all. >
That's usually irrelevant, since the alternative is most likely to be form fill-out, which is exactly as secure. If you're serving over HTTPS, the page is encrypted, and that includes the headers; if you're not, then it's not encrypted, and that includes the form body. There are other issues with basic auth, but security really isn't one. ChrisA -- https://mail.python.org/mailman/listinfo/python-list
