Hijack v381 is now out.

New in this release: HTTP authentication for web access.

By default, anyone can access anything (same as now).
To restrict web access, define one or two user:password combinations in config.ini on the player:

khttpd_basic=guest:password1
khttpd_full=admin:password2

Then give out the first password to trusted office pals who just want to stream tunes, and reserve use of the second password for when you want to login yourself to do anything other than simple streaming to your PC/Workstation.

The userid's of "guest" and "admin" are merely suggestions -- anything will do, up to 20 characters total for the "user:passwd" string (colon included).

These new options REPLACE the old security method (below). Yes, I know this is actually less secure, but it's way easier to use, which in the end likely makes it MORE secure than the old way.

So, if you have any of the old options below in config.ini, Hijack will now complain until you nuke'em:

khttpd_dirs=xxx
khttpd_files=xxx
khttpd_commands=xxx
khttpd_playlists=xxx

EDIT: There is (currently) no Logout link anywhere; to log out, just quit/restart the web browser.

Also new in this release, HTML keywords are now served as lowercase rather than uppercase. This makes the patchfile bigger than it might otherwise have been.

Cheers