Re: security requirements from Henrik Nordstrom on 2006-10-20 (ietf-http-wg@w3.org from October to December 2006)

From: Henrik Nordstrom <hno@squid-cache.org>
Date: Sat, 21 Oct 2006 01:23:15 +0200
To: Robert Sayre <sayrer@gmail.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <1161386595.28979.12.camel@henriknordstrom.net>

fre 2006-10-20 klockan 18:12 -0400 skrev Robert Sayre:

> Also, there is no logout button. I plan to take care of both problems
> for new schemes in Mozilla.
> 
> Message body not displayed on HTTP 401 status response
> <https://bugzilla.mozilla.org/show_bug.cgi?id=271383>

To make webmasters happy you also need to be able to embed the
credentials input in the 401 status response similar to a forms based
login, skipping the annoying popup outside of their look and feel
control..

> Need a markup widget to clear HTTP credentials
> <https://bugzilla.mozilla.org/show_bug.cgi?id=355319>

Fully agreed.

Regards
Henrik

Received on Sunday, 22 October 2006 05:34:08 UTC