Re: Fetch: HTTP authentication and CORS

On 7 mai 2013, at 02:23, HU, BIN wrote:
> Because "nonce" is needed to generate the appropriate digest, the 401 challenge is required.

So the lesson here is: any developer that intends to use authenticated XHR should always start with an XHR that is a simple ping-like GET, then do the real things. Right?


Received on Wednesday, 8 May 2013 20:15:14 UTC