Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Status Shipped
Workspace Domino
Categories Security
Created by Guest
Created on Jul 28, 2018

Prevent authentication using username=xxx&password=xxx in URL

By using the basic username & password authentication, visitor may bypass captcha in custom login form.

  • Attach files
  • Admin
    Thomas Hampel
    Reply
    |
    Nov 8, 2022

    This was addressed in Domino V12 by changing the default behaviour.
    it can be controlled by the Notes.ini "DominoDisableLoginQueryArgs" - since V12 the default is 1, which means disabled.

  • Guest
    Reply
    |
    Jul 31, 2018

    This is genuinely useful in other situations. One example is "uptimerobot" which we use to poll pages to measure uptime.