I've been playing with a userid/password protected video server. It's an Aviosys 9100A. First thing i did was looking at the traffic between IE and the Aviosys. Basically it looks like this:
The first GET (stripped down to the most essential stuff):
Code: Select all
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, blablabla
*/*
Accept-Encoding: gzip, deflate
Host: aviosys
Then the Aviosys comes back with this response:
Code: Select all
HTTP/1.0 401 Unauthorized
WWW-Authenticate: Basic realm="Camera Server"
Content-Type: text/html
I get the popup, fill in userid/password and my browser sends:
Code: Select all
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg
Authorization: Basic cm9iZXJ0Omhla2tlcnM=
Host: aviosys
Now that's where we can find the key: the string "cm9iZXJ0Omhla2tlcnM=" is Base64 encoding for "robert:hekkers", being my userid and password separated by a ":".
Now Javascript (Prontoscript) doesn't have Base64 encoding onboard, but a small script is very easy to find:
Code: Select all
// This code was written by Tyler Akins and has been placed in the
// public domain. It would be nice if you left this header intact.
// Base64 code from Tyler Akins -- http://rumkin.com
var keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
function encode64(input) {
var output = "";
var chr1, chr2, chr3;
var enc1, enc2, enc3, enc4;
var i = 0;
do {
chr1 = input.charCodeAt(i++);
chr2 = input.charCodeAt(i++);
chr3 = input.charCodeAt(i++);
enc1 = chr1 >> 2;
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
enc4 = chr3 & 63;
if (isNaN(chr2)) {
enc3 = enc4 = 64;
} else if (isNaN(chr3)) {
enc4 = 64;
}
output = output + keyStr.charAt(enc1) + keyStr.charAt(enc2) +
keyStr.charAt(enc3) + keyStr.charAt(enc4);
} while (i < input.length);
return output;
}
So i think all ingredients to make it work on the Pronto are available.[8D]
