• Ghoelian@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    8 months ago

    That is also a form of basic auth, you still pass the credentials like “username:password”, optionally base64 encoded but I don’t believe that’s required.

    Edit: actually, after looking into it a bit more, it seems like passing credentials in the url will actually cause the browser to send it as an authorization header instead. So in essence it’s doing the same thing.