W3C home > Mailing lists > Public > public-qa-dev@w3.org > January 2003

[checklink] HTTP basic authentication

From: Ville Skyttä <ville.skytta@iki.fi>
Date: 23 Jan 2003 22:30:07 +0200
To: public-qa-dev@w3.org
Message-Id: <1043353807.12927.667.camel@bobcat.ods.org>

Hmm,

I just realized that checklink defaults to '\.w3\.org' as the "trusted
domain" regexp, ie. it's not possible currently to use HTTP basic
authentication with resources whose uri doesn't match this.  Eek.

Additionally, I think that regexp is not the best possible default.

Sanity checking myself, how does this sound to you:

1) The default is the hostname (or domain) of the first encountered
   resource requiring basic authentication.  Hostname or domain?
2) We can't ask this multiple times in the online version.  Actually, we
   can only ask it before any output has been sent, which means that it
   is supported only for resources in the same domain|hostname as the
   initial URI.
3) The command line version could ask it multiple times whenever
   needed, unless a "trusted domain" was given in the command line.
   If it was, only forward the credentials to the matching resources,
   and don't prompt for others while checking.
4) Of course, there could be an input field for the regexp in the online
   version, but IMHO that's overkill.

Thoughts?

-- 
\/ille Skyttä
ville.skytta at iki.fi
Received on Thursday, 23 January 2003 15:29:45 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 19 August 2010 18:12:43 GMT