0x2142 / frigate-notify

Event notifications for a standalone Frigate NVR instance
https://frigate-notify.0x2142.com/
MIT License

Question : ByPass Authorization for visualizing clip behind reverse proxy ? #126

Closed Nonobis closed 1 month ago

Nonobis commented 2 months ago

I am behind Nginx Proxy Manager, how do you bypass auth when clicking on the video/snapshot link in a received notification?

freefd commented 2 months ago

@Nonobis you should set public_url in the configuration settings with inline user:password@ notation.

But please note, this notation doesn't work with Telegram; it will disable this link.

Nonobis commented 2 months ago

@freefd: Can I encode the password in base64? Or must it be in plain text... it's not really secure

freefd commented 2 months ago

@Nonobis, well, a little longer explanation then :)

As per RFC 3986, this old known form has been marked as deprecated, but is still supported by any browser or HTTP lib, and would work anyway.

I believe, your reverse proxy is authenticating requests already, so the possible solutions could be:

  1. You may use a password keeper solution to manage your credentials and quickly and easily insert them into auth request fields. Personally, I use the self-hosted Vaultwarden vault with Bitwarden official apps for webkit-based and gecko-based browsers on desktop, and Keyguard for my phones.
  2. You can try an OAuth2 based SSO approach with a public or self-hosted IAM where authentication will be done transparently (in most cases). Here are the examples for Authentik, Keycloak, Authelia, and even Google.

Nonobis commented 2 months ago

Not working... I will wait and hope for https://github.com/0x2142/frigate-notify/issues/98 to be implemented one as an alternative.

johnwilson1969 commented 2 months ago

> @freefd : I can encode password in base64 ? or it's must be in plain text ... it's not really secure

Just as a note, base64 is encoding, not encryption, and is not really safer than plaintext. And the username:password@ gets translated into a basic auth header with the encoded username/password, and if using SSL, they should be encrypted at that point. I certainly understand being hesitant to use URLs with username/password, as they can end up in your browsing history... or possibly cached somewhere. I do it, but I understand why others do not.
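
The translation described in the comment above, as an added example that is not part of the thread or of frigate-notify: it builds the Basic Authorization header a client derives from a `user:password@` URL, shows that the base64 value decodes back without any key, and masks the credentials before a URL is written to a log. The host, path and credentials are constructed sample values, and the function names are hypothetical.

```python
import base64
import re
from urllib.parse import unquote, urlsplit, urlunsplit

# Constructed sample: host, path and credentials are placeholders.
SAMPLE_URL = "https://viewer:s3cret%21@nvr.example.com/clip.mp4"


def split_credentials(url):
    """Return (url without userinfo, Authorization header value or None)."""
    parts = urlsplit(url)
    if parts.username is None:
        return url, None
    # Clients percent-decode the userinfo before building the header.
    user = unquote(parts.username)
    password = unquote(parts.password or "")
    token = base64.b64encode(f"{user}:{password}".encode()).decode("ascii")
    netloc = parts.netloc.rpartition("@")[2]
    clean = urlunsplit((parts.scheme, netloc, parts.path, parts.query, parts.fragment))
    return clean, f"Basic {token}"


def decode_basic(header):
    """Recover (user, password) from a Basic header; no key is involved."""
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    user, _, password = base64.b64decode(token).decode().partition(":")
    return user, password


_USERINFO = re.compile(r"\b([a-z][a-z0-9+.-]*://)[^/\s@]+@", re.IGNORECASE)


def redact(text):
    """Mask user:password@ in URLs before the text reaches a log or chat."""
    return _USERINFO.sub(r"\1***@", text)


if __name__ == "__main__":
    clean, header = split_credentials(SAMPLE_URL)
    print("request URL :", clean)
    print("header      :", "Authorization:", header)
    print("decoded     :", decode_basic(header))
    print("log line    :", redact(f"notify link={SAMPLE_URL}"))
```
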

freefd commented 1 month ago

Hi there, can it be closed in favor of #98?

Nonobis commented 1 month ago

Yes, including the clip is better, I think