1 Apr
2016
1 Apr
'16
9:25 p.m.
I hear you - but it's an internal network that anyone on that network would have access to the carddav anyway. I'm hard coding the log in page as it is. I supposed some mythical day someone could set up a carddav share that actually required authorization...
On 2016-04-01 5:14 PM, Ján Máté wrote:
With basic auth and simple http (without SSL/TLS) the username and password is sent over network in plain text form.
So technically it will work without https, but using http + basic auth is a security NIGHTMARE.
JM
On 01 Apr 2016, at 11:57 PM, Admin - Muskoka Auto Parts Limited admin@muskokaauto.com wrote:
If I had a choice... but I don't. IE it is. And no SSL - it's not required in this case.