I initially send an http request to the server, as shown: > GET /start.htm HTTP/1.1 > Host: router > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060605 SeaMonkey/1.5a > Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 > Accept-Language: en-us,en;q=0.5 > Accept-Encoding: gzip,deflate > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > Keep-Alive: 300 > Connection: keep-alive > The server responds: > HTTP/1.0 401 Unauthorized > Server: IP_SHARER WEB 1.0 > WWW-Authenticate: Basic realm="MR814v2" > Content-type: text/html > > 401 Unauthorized > At this point, I am prompted for my master password. When I give it, a basic auth dialog appears that is filled in with the user name and password information stored for this server. When I click OK, the following request is sent. > GET /start.htm HTTP/1.1 > Host: router > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060605 SeaMonkey/1.5a > Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 > Accept-Language: en-us,en;q=0.5 > Accept-Encoding: gzip,deflate > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > Keep-Alive: 300 > Connection: keep-alive > Authorization: Basic dXNlcjpwYXNzd29yZA0K > (Note, that authorization data is faked here in this log, not my real data.) And it receives the following response from the server: > HTTP/1.0 200 OK > Server: IP_SHARER WEB 1.0 > Content-type: text/html > > html> >
> [SNIPPED] Several more requests and responses occur immediately, all AOK. e.g. > GET /menu.htm HTTP/1.1 > Host: router > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060605 SeaMonkey/1.5a > Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 > Accept-Language: en-us,en;q=0.5 > Accept-Encoding: gzip,deflate > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > Keep-Alive: 300 > Connection: keep-alive > Referer: http://router/start.htm > Authorization: Basic dXNlcjpwYXNzd29yZA0K > which gets this response > HTTP/1.0 200 OK > Server: IP_SHARER WEB 1.0 > Content-type: text/html > > > > [SNIPPED] Then I wait 10 minutes, and click a link on the 10 minute old web page. That sends this request: > GET /s_status.htm HTTP/1.1 > Host: router > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060605 SeaMonkey/1.5a > Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 > Accept-Language: en-us,en;q=0.5 > Accept-Encoding: gzip,deflate > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > Keep-Alive: 300 > Connection: keep-alive > Referer: http://router/menu.htm > Authorization: Basic dXNlcjpwYXNzd29yZA0K > And I get this response: > HTTP/1.0 401 Unauthorized > Server: IP_SHARER WEB 1.0 > WWW-Authenticate: Basic realm="MR814v2" > Content-type: text/html > > > >