in reply to why username and password http request showing on the web address

This is rather an HTTP/HTML question. The first thing to do is to replace GET with POST (Content-Type: application/x-www-form-urlencoded). The former will put the attribute-value pairs into the HTTP request's URI (after index.pl and a question mark: the line you see in the browser's address bar).

From a security point of view, this is still insecure. It can be improved by using HTTPS and/or message digesting the credentials.

With respect to the Perl aspect of this question, have a look at CGI - it has been removed from the Perl core recently, so you might need to install it from CPAN. For a more modern approach have a look at Dancer or Mojolicious.

Update (see question below): Have a look at the PRG pattern that avoids the browser's warning when reloading the page or using the back button.

Re^2: why username and password http request showing on the web address
by Muskovitz (Scribe) on Jan 18, 2015 at 17:13 UTC
    Changing GET to POST worked, but when I try to put this line in my code: Content-Type: application/x-www-form-urlencoded, and I reload the page, there's a pop-up requesting to download the file. But thanks anyway, now the link doesn't show up.
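
The POST and PRG advice from the first reply, sketched as a CGI handler. This is an added example, not code posted by anyone in the thread. `check_login`, the demo credentials and the `welcome` / `login-failed` page names are hypothetical; `index.pl` is the script name mentioned above.

```perl
#!/usr/bin/perl
# Added example: login handler that takes credentials by POST only and
# answers every POST with a redirect (Post/Redirect/Get).
use strict;
use warnings;
use CGI;    # from CPAN when the installed Perl no longer bundles it

# Hypothetical check with constructed values; a real handler compares
# against a stored password hash and is served over HTTPS.
sub check_login {
    my ($user, $pass) = @_;
    return $user eq 'demo' && $pass eq 'constructed-password';
}

sub respond {
    my ($q) = @_;
    my $method = $q->request_method // 'GET';    # undef when run offline

    # Credentials in the query string end up in the address bar, browser
    # history and server logs: refuse them whatever the method.
    if (($ENV{QUERY_STRING} // '') =~ /(?:^|[&;])(?:username|password)=/) {
        return $q->header(-status => '400 Bad Request', -type => 'text/plain')
             . "Send credentials in the POST body, not in the URL.\n";
    }

    if ($method eq 'POST') {
        my $user = $q->param('username') // '';
        my $pass = $q->param('password') // '';
        my $next = check_login($user, $pass) ? 'welcome' : 'login-failed';
        # PRG: 303 makes the browser follow up with a GET, so reload and
        # the back button never resubmit the form. A real handler would
        # also set a session cookie here.
        return $q->redirect(-uri => "index.pl?page=$next",
                            -status => '303 See Other');
    }

    # GET: serve the form. The response is text/html; the browser itself
    # sends the POST body as application/x-www-form-urlencoded.
    return $q->header(-type => 'text/html', -charset => 'utf-8') . <<'HTML';
<form method="post" action="index.pl">
  <input name="username" autocomplete="username">
  <input name="password" type="password" autocomplete="current-password">
  <button type="submit">Log in</button>
</form>
HTML
}

print respond(CGI->new);
```

Run from a shell with no CGI environment, the script prints the form response, which is a quick way to confirm the headers it emits.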