[XHR2] Redirects (was: Re: [whatwg] unexpected use of the CORS specification)

On Tue, 10 Nov 2009 14:31:24 +0100, Julian Reschke <julian.reschke@gmx.de>  
wrote:
> Silvia Pfeiffer wrote:
>> ...
>> Further, Benno suggests extending http://www.w3.org/TR/XMLHttpRequest/
>> with a property to disable following redirects automatically so as to
>> be able to expose the redirection.
>>  I am not aware if somebody else has suggested these use cases for CORS
>> and XMLHttpRequest before (this may not even be the right fora for
>> it), but since these are so closely linked to what we do in HTML5, I
>> thought it would be good to point it out. I would think that at
>> minimum Anne knows what to do with it, since he is editor on both.
>> ...
>
> Extending XMLHttpRequest for better control over redirects certainly  
> would be a good thing.
>
> Note that there's work-in-progress of adding "proper" HTTP support to  
> the Netscape plugin API (see  
> <https://wiki.mozilla.org/Plugins:GenericHttpMethod>), where we have the  
> same feature request, and it would be good to align this with  
> XmlHttpRequest semantics.

I'm still not sure whether this should be combined with disabling  
automatic authentication dialogs if request username and request password  
are both null.

I suppose it is probably simpler to have a separate attribute for each and  
admittedly most requests have been for redirects and not for the HTTP  
authentication.

We could introduce an attribute with similar properties as timeout and  
withCredentials called followRedirects that by default is true but can be  
set to false.

What do implementors think?


-- 
Anne van Kesteren
http://annevankesteren.nl/

Received on Monday, 16 November 2009 14:32:08 UTC