W3C home > Mailing lists > Public > public-webapi@w3.org > September 2006

Re: Overriding userinfo in XHR.open()

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 26 Sep 2006 20:48:56 +0200
To: "Alexey Proskuryakov" <ap-carbon@rambler.ru>, public-webapi@w3.org
Message-ID: <op.tgh07uqc64w2qv@id-c0020>

On Tue, 26 Sep 2006 20:43:11 +0200, Alexey Proskuryakov  
<ap-carbon@rambler.ru> wrote:
> Is this a new feature that's not present in browsers yet? From my tests,  
> it looks like WinIE doesn't support userinfo at all, while Firefox takes  
> string values of whatever objects are passed as user/password, e.g.  
> "req.open('GET', url, true, null, null)" sets the credentials to  
> "null"/"null", so the null clause doesn't apply.

Interesting. I suppose that could be a bug... Anyway, I suggest you use  
http://dev.w3.org/cvsweb/~checkout~/2006/webapi/XMLHttpRequest/Overview.html?content-type=text/html;%20charset=utf-8  
for reading as that's a more current version.


>    Second, should the password from userinfo be used if only the user  
> parameter is provided: "req.open('GET', url, true, 'user')"? Firefox  
> resets the password to an empty string in this situation.

I would say it shouldn't be provided in this case (same as null), but I  
guess that needs more clarification.


>    Finally, I'm not sure whether userinfo support is required for  
> conformance. As quoted above, it's a MUST, but then, it is added that  
> browsers MAY not support it: "The usage of userinfo is discouraged MAY  
> not work in implementations."

This should be more clear in the latest revision. For HTTP you probably  
shouldn't support it (and throw a SYNTAX_ERR) but for some protocols it  
makes some sense. For FTP you often have the username:anonymous@domain.com  
logins... However, the current draft only "covers" HTTP.


-- 
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
Received on Tuesday, 26 September 2006 18:49:30 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:55 GMT