- From: Joe Orton <joe@manyfish.co.uk>
- Date: Fri, 8 Jun 2007 11:38:14 +0100
- To: Keith Moore <moore@cs.utk.edu>
- Cc: Julian Reschke <julian.reschke@gmx.de>, Paul Hoffman <phoffman@imc.org>, Apps Discuss <discuss@apps.ietf.org>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
On Thu, Jun 07, 2007 at 06:11:53PM -0400, Keith Moore wrote: > Julian Reschke wrote: > > BTW: does the framework really require fixing? > > I am pretty sure that it does. I think sites will continue to insist on > being in control of the look and feel of the username/password dialog. Fixing that does not require any changes to the HTTP auth framework. Roy pointed out a long time ago that this can be done simply by defining an extension to HTML which allows an HTML 401/407 response body to contain a form which is used to enter credentials. <form action="authenticate"> or something. (and possibly some method for browsers to advertise support for this) joe
Received on Friday, 8 June 2007 10:38:30 UTC