I’m in the process of building a website on glitch for all sorts of general testing purposes and for enriching my own knowledge of html, js, css, working with webservers, …
I have stumbled on the chapter (if you could call it that) of authenticating user credentials. I’m currently working my way through basic authentication with the WWW-Authenticate and authorization headers. My scripts are working as expected, only returning a 200 when a specific set of credentials is entered.
It is however mentioned literally everywhere that this is not a secure method when TLS is not used on this website. Since my project is on glitch, I suppose that it is glitch itself that has to provide this. My question is if it does this, and how I myself can check if there is any way to do this. If anyone has any documentation regarding TLS, SSL, … that would also be greatly appreciated. I believe this is an essential topic if you are trying to learn how webservers work.
Thanks and I hope to hear from you soon!