Proxy-Authorization
Proxy-Authorization
The HTTP Proxy-Authorization
request header contains the credentials to authenticate a user agent to a proxy server, usually after the server has responded with a 407
Proxy Authentication Required
status and the Proxy-Authenticate
header.
Header type | Request header |
---|---|
Forbidden header name | no |
Syntax
Proxy-Authorization: <type> <credentials>
Directives
- <type>
-
Authentication type. A common type is "Basic". See also the IANA registry of Authentication schemes.
- <credentials>
-
The credentials are constructed like this:
- The username and the password are combined with a colon (
aladdin:opensesame
). - The resulting string is base64 encoded (
YWxhZGRpbjpvcGVuc2VzYW1l
).
Note: Base64 encoding does not mean encryption or hashing! This method is as secure as sending the credentials in clear text (base64 is a reversible encoding). It is preferable to use HTTPS in conjunction with Basic Authentication.
- The username and the password are combined with a colon (
Examples
Proxy-Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
Specifications
Specification |
---|
RFC 7235 # header.proxy-authorization |
See also
© 2005–2021 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Proxy-Authorization