aboutsummaryrefslogtreecommitdiff
path: root/files
diff options
context:
space:
mode:
authorArtyom Liou <10079456+artyomliou@users.noreply.github.com>2021-04-28 00:13:42 +0800
committerGitHub <noreply@github.com>2021-04-28 00:13:42 +0800
commit7529e52e3ae5e9d933ba6b9742dab079ef8a12f6 (patch)
tree113256897bc2ba4c7b89650216309cc4cfd150db /files
parentac0cb5d643886c54db3e21510ab86994238ef48b (diff)
downloadtranslated-content-7529e52e3ae5e9d933ba6b9742dab079ef8a12f6.tar.gz
translated-content-7529e52e3ae5e9d933ba6b9742dab079ef8a12f6.tar.bz2
translated-content-7529e52e3ae5e9d933ba6b9742dab079ef8a12f6.zip
Initial web/http/headers/authorization, zh-TW (#666)
* web/http/headers/authorization (zh-TW translation) * fix: 引號的使用
Diffstat (limited to 'files')
-rw-r--r--files/zh-tw/web/http/headers/authorization/index.html104
1 files changed, 104 insertions, 0 deletions
diff --git a/files/zh-tw/web/http/headers/authorization/index.html b/files/zh-tw/web/http/headers/authorization/index.html
new file mode 100644
index 0000000000..b5b3c3d941
--- /dev/null
+++ b/files/zh-tw/web/http/headers/authorization/index.html
@@ -0,0 +1,104 @@
+---
+title: Authorization
+slug: Web/HTTP/Headers/Authorization
+tags:
+ - HTTP
+ - HTTP Header
+ - Reference
+ - Request header
+ - header
+---
+<div>{{HTTPSidebar}}</div>
+
+<p>HTTP 請求中的 <strong><code>Authorization</code></strong> 是 user agent 用來向伺服器做身份認證(authentication)的憑證(credentials),
+ 通常是在伺服器回應 {{HTTPStatus("401")}}
+ <code>Unauthorized</code> 狀態及 {{HTTPHeader("WWW-Authenticate")}} 標頭後才會在後續請求使用這個標頭。</p>
+
+<table class="properties">
+ <tbody>
+ <tr>
+ <th scope="row">Header type</th>
+ <td>{{Glossary("Request header")}}</td>
+ </tr>
+ <tr>
+ <th scope="row">{{Glossary("Forbidden header name")}}</th>
+ <td>no</td>
+ </tr>
+ </tbody>
+</table>
+
+<h2 id="Syntax">語法</h2>
+
+<pre class="brush: html">Authorization: &lt;type&gt; &lt;credentials&gt;</pre>
+
+<h2 id="Directives">指令</h2>
+
+<dl>
+ <dt>&lt;type&gt;</dt>
+ <dd><a href="/en-US/docs/Web/HTTP/Authentication#authentication_schemes">認證方式</a>,通常是 <a
+ href="/en-US/docs/Web/HTTP/Authentication#basic_authentication_scheme">"Basic"</a>。
+ 其他方式可以參考:
+ <ul>
+ <li><a
+ href="http://www.iana.org/assignments/http-authschemes/http-authschemes.xhtml">IANA
+ registry of Authentication schemes</a></li>
+ <li><a
+ href="http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html">Authentification
+ for AWS servers (<code>AWS4-HMAC-SHA256</code>)</a></li>
+ </ul>
+ </dd>
+ <dt>&lt;credentials&gt;</dt>
+ <dd>如果使用「Basic」方式,則憑證的格式會長的像這樣:
+ <ul>
+ <li>帳號、密碼會用冒號(:)串起來
+ (<code>aladdin:opensesame</code>)。</li>
+ <li>然後在以 <a
+ href="/en-US/docs/Glossary/Base64">base64</a>
+ 編碼 (<code>YWxhZGRpbjpvcGVuc2VzYW1l</code>)。</li>
+ </ul>
+
+ <div class="note">
+ <p><strong>Note</strong>: Base64 編碼不是加密也不是雜湊(Hash)!就算用明文直接傳,
+ 安全性也跟用 base64 編碼過一樣(base64 是可以解碼的)。最好用 HTTPS 搭配這種驗證方式。</p>
+ </div>
+ </dd>
+</dl>
+
+<h2 id="Examples">範例</h2>
+
+<pre>Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
+</pre>
+
+<p>可以看看 <a href="/en-US/docs/Web/HTTP/Authentication"> HTTP authentication</a> 中的範例
+ 教你如何在 Apache 或 nginx 上啟用 HTTP basic authentication 來保護你的網站。</p>
+
+<h2 id="Specifications">Specifications</h2>
+
+<table class="standard-table">
+ <thead>
+ <tr>
+ <th scope="col">Specification</th>
+ <th scope="col">Title</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td>{{RFC("7235", "Authorization", "4.2")}}</td>
+ <td>HTTP/1.1: Authentication</td>
+ </tr>
+ <tr>
+ <td>{{RFC("7617")}}</td>
+ <td>The 'Basic' HTTP Authentication Scheme</td>
+ </tr>
+ </tbody>
+</table>
+
+<h2 id="See_also">See also</h2>
+
+<ul>
+ <li><a href="/en-US/docs/Web/HTTP/Authentication">HTTP authentication</a></li>
+ <li>{{HTTPHeader("WWW-Authenticate")}}</li>
+ <li>{{HTTPHeader("Proxy-Authorization")}}</li>
+ <li>{{HTTPHeader("Proxy-Authenticate")}}</li>
+ <li>{{HTTPStatus("401")}}, {{HTTPStatus("403")}}, {{HTTPStatus("407")}}</li>
+</ul>