2

I need to tack some simple password protection onto arbitrary html files. It does need need to be secure, but just keep out the random roff-raff. I tried using the below JS:

var password; 
    var thePassword="secretpassword"; 
    password=prompt('Enter Password',' '); 
    if (password==thePassword) { alert('Correct Password! Click OK to Enter!'); }
    else { window.location="http://www.google.com/"; }

This works fine in Firefox, but seems that the prompt function fails in IE and so we always redirect to google...

Any suggestions on how to do a simple password protection using straight HTML pages?

EDIT: to be clear, it works fine in Firefox, and in IE does not even prompt with a popup asking to "Enter Password"

Improve this question
1
  • The code seems to work fine for me on IE9. I just ran it in this jsfiddle and it works: jsfiddle.net/jfriend00/KkMRS. What version of IE are you running? I'd suggest putting an alert on what the actual value is coming back from the prompt. Commented Jun 30, 2011 at 22:52

2 Answers 2

Reset to default
2

Works fine for me in IE. Demo: http://jsfiddle.net/U2n3P/

One possible reason it may not be working is that you're populating the prompt with an empty space, by using ' ', so when you start typing there may be a space at the end. Change the prompt to:

password=prompt('Enter Password', '');

FYI, I know you said you didn't need this to be super secure, but you might as well add some security. Get an MD5 library and do, instead:

var thePassword = "md5encodedpassword";
password=prompt('Enter Password',' ');
if(md5(password) != thePassword){
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

the if statement I have is correct. I told you it works fine in Firefox. I'll look into the MD5 suggestion though!
because it ignores the statement that the code posted doesn't work in IE. IE ignores JS popups. I can't rightly use a popup like this for a password if IE will just ignore it.
What do you mean IE ignores JS popups?!? prompt works perfectly well in IE.
0

Name the secure page or directory the md5 hashed password.

function isThere(url) {
    var req= new AJ(); // XMLHttpRequest object
    try {
        req.open("HEAD", url, false);
        req.send(null);     
        return req.status== 200 ? true : false;
    }
    catch (er) {
        return false;
    }
}
password=prompt('Enter Password',' '); 
password=md5(password);
if (isThere(md5 + "/") { window.location = password + "/"; }
else { alert("incorrect"); }
Improve this answer

1 Comment

please comment why you vote it down, so far this is the only answer who allow you to protect the page without giving away the protected password or page.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.