W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2007

Re: RFC2616 vs RFC2617, was: Straw-man charter for http-bis

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Sat, 09 Jun 2007 03:03:15 +0200
To: Joe Orton <joe@manyfish.co.uk>
Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-Id: <1181350995.4818.102.camel@henriknordstrom.net>
fre 2007-06-08 klockan 11:38 +0100 skrev Joe Orton:

> Fixing that does not require any changes to the HTTP auth framework. Roy 
> pointed out a long time ago that this can be done simply by defining an 
> extension to HTML which allows an HTML 401/407 response body to contain 
> a form which is used to enter credentials.  <form action="authenticate"> 
> or something.

Preferably with a new header telling the browsers that the response body
contains not only the error message, but also the form(s) which should
be used in the dialog query for the user credentials.

> (and possibly some method for browsers to advertise support for this)

Don't really see the need for the clients to advertise any support here.
They just need to use the information if they know how, or ignore it
otherwise falling back on the current "ugly" auth dialogs..

Regards
Henrik

Received on Saturday, 9 June 2007 01:03:22 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:10 GMT