[ from the big comment e-mail; raising as a separate issue, as requested ] If the browser is already sending credentials for a particular protection space (to use RFC2617 terminology), XHR SHOULD send them when accessing resources in the same space. It'll need to define precedence between these and those explicitly used in a call (which would override, I presume). In other words, if I'm already logged into a site, XHR should reuse my credentials, rather than ask me for them again. -- Mark Nottingham mnot@yahoo-inc.comReceived on Friday, 21 April 2006 16:34:23 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:54 GMT