我在 php 站点上设置基本身份验证并找到 this显示设置的 php 手册上的页面。标题中的“领域”是什么意思?
header('WWW-Authenticate: Basic realm="My Realm"');
是请求的page页面吗?
最佳答案
From RFC 1945 (HTTP/1.0)和 RFC 2617 (HTTP Authentication referenced by HTTP/1.1)
The realm attribute (case-insensitive) is required for all authentication schemes which issue a challenge. The realm value (case-sensitive), in combination with the canonical root URL of the server being accessed, defines the protection space. These realms allow the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme and/or authorization database. The realm value is a string, generally assigned by the origin server, which may have additional semantics specific to the authentication scheme.
简而言之,同一领域中的页面应该共享凭据。如果您的凭据适用于具有“我的领域” 领域的页面,则应该假设相同的用户名和密码组合应该适用于具有相同领域的另一个页面。
关于http - 基本认证中的 "realm"是什么,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/12701085/