-1

I've got a site (site A) where PHP scripts generate i.a. links to another site (site B) which is password protected (password required by .htaccess). These links may have forms:

<a href='http://password_protected_site/resource'>
<img src='http://password_protected_site/resource'>
<object data='http://password_protected_site/resource'>

My application - when started - asks user for authorization to site B and after successful athorization everything works as expected. But.... Entering the application on site A is already password protected, so I would like to omit the second authorization done by the user. Instead, I would like my PHP script on site A made this second authorization in background, so for user it would be invisible. Is it possible? If yes, how to do it?

Olgierd Dzięcielski
  • 67
  • 4
  • 1
    You can not use PHP, to make the browser send credentials to a different site. Your PHP scripts would need to make the requests to the other site themselves, and pass the results along to the client, effectively acting as a proxy. – CBroe Apr 08 '22 at 06:59
  • Yeah, sounds good. So - HOW to do it? – Olgierd Dzięcielski Apr 08 '22 at 07:11

1 Answers1

0

I would use ajax on button click and redirect the person to another page with authorization headers (Basic Authorization). You can do a redirect like this, and add an authorization header

<?php
   ob_start();
   $new_url = 'https://example.com/final.php';
   header('Location: '.$new_url);
   ob_end_flush();
?>
boris4682
  • 16
  • 3